Unfixed XSS vulnerability at search.simfile.chol.com

2007-08-18T00:00:00
ID XSSED:14150
Type xssed
Reporter FiLEFUSiON
Modified 2007-08-21T00:00:00

Description

Security researcher FiLEFUSiON, has submitted on 18/08/2007 a cross-site-scripting (XSS) vulnerability affecting search.simfile.chol.com, which at the time of submission ranked 25606 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 21/08/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://search.simfile.chol.com/search.php?wh=total&q="><script>alert('XSS BY FiLEFUSiON!!! VISIT:http://file-fusion.net')</script>