psychostats-xss.txt

2007-05-23T00:00:00
ID PACKETSTORM:56895
Type packetstorm
Reporter John Martinelli
Modified 2007-05-23T00:00:00

Description

                                        
                                            `PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities  
  
PsychoStats contains multiple cross-site scripting vulnerabilities that may be exploited through the URI.  
  
Vulnerable Files: awards.php, login.php, register.php, weapons.php - other files may also be susceptible to this vulnerability.  
Vulnerability: http://target.com/psychostats/weapons.php/>"><script>alert(1)</script>  
Vulnerable: PsychoStats v3.0.6b (other versions may also be vulnerable)  
Google d0rk: "Powered by PsychoStats v3.0.6b"  
  
John Martinelli  
john@martinelli.com  
  
RedLevel Security  
RedLevel.org  
  
May 19th, 2007  
`