Unfixed XSS vulnerability at malouda.bplaced.net

2008-10-15T00:00:00
ID XSSED:52502
Type xssed
Reporter k3vin mitnick
Modified 2009-09-13T00:00:00

Description

Security researcher k3vin mitnick , has submitted on 15/10/2008 a cross-site-scripting (XSS) vulnerability affecting malouda.bplaced.net, which at the time of submission ranked 5056 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/09/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://malouda.bplaced.net/?Itemid=31&option=com_ebygallery&limitstart=0&task=album&path=%3CScRiPt%20%0A%0D%3Ealert(/K3VINMITNICK/)%3B%3C/ScRiPt%3E&sw=0