{"id": "SSV:85691", "type": "seebug", "bulletinFamily": "exploit", "title": "fuzzylime (cms) 3.0 'usercheck.php' Cross Site Scripting Vulnerability", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "modified": "2014-07-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.seebug.org/vuldb/ssvid-85691", "reporter": "Root", "references": [], "cvelist": [], "lastseen": "2017-11-19T16:24:52", "history": [], "viewCount": 0, "enchantments": {"vulnersScore": 4.3}, "enchantments_done": [], "objectVersion": "1.4", "sourceHref": "https://www.seebug.org/vuldb/ssvid-85691", "sourceData": "\n source: http://www.securityfocus.com/bid/31306/info\r\n\r\nfuzzylime (cms) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\r\n\r\nExploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected site. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.\r\n\r\nVersions prior to fuzzylime (cms) 3.03 are vulnerable. \r\n\r\n<form method="post" action="http://www.example.com/fuzzylime/admin/usercheck.php"> <input type="hidden" name="log" value="in"> <input type="text" name="user"value='"><script>alert(1)</script>'> <input type=submit></form> \n ", "status": "cve,poc", "_object_type": "robots.models.seebug.SeebugBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"]}

{"result": {}}