Unfixed XSS vulnerability at easysearchdirectory.com

ID XSSED:53141
Type xssed
Reporter k3vin mitnick
Modified 2009-09-13T00:00:00


Security researcher k3vin mitnick , has submitted on 28/10/2008 a cross-site-scripting (XSS) vulnerability affecting easysearchdirectory.com, which at the time of submission ranked 350255 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/09/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://easysearchdirectory.com/demo/site_calendar.php?xmonth=01&xyear=%3Cbody+onload=alert(/kevinmitnick/)%3E