Affected Vendor: www.topnew.net/sidu/
Credits: John Page ( hyp3rlinx ) Domains: hyp3rlinx.altervista.org
Product: Sidu version 5.2 is a web based database front-end administration tool.
Sidu 5.2 is vulnerable to cross site scripting attacks.
Vendor Notification May 12, 2015 May 13, 2015: Public Disclosure
Request Method(s): [+] GET
Vulnerable Product: [+] Sidu 5.2
Vulnerable Parameter(s): [+] sql=[XSS]
Affected Area(s): [+] Admin of currently logged in user.