Lucene search

K
xssedMatt fareyXSSED:62593
HistoryAug 07, 2009 - 12:00 a.m.

Unfixed XSS vulnerability at www.lambda-tek.com

2009-08-0700:00:00
matt farey
www.xssed.com
4
xss vulnerability
www.lambda-tek.com
matt farey
cross-site-scripting
unfixed
bug bounty

Security researcher matt farey, has submitted on 08/07/2009 a cross-site-scripting (XSS) vulnerability affecting www.lambda-tek.com, which at the time of submission ranked 70649 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 19/05/2010. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: https://www.lambda-tek.com/componentshop/index.pl?login=login&message=login+failed+-+account+does+not+exist+or+password+is+incorrect (error 2)<iframesrc=“http://xssed.com”>&usr=xssed&nextURL=https://www.lambda-tek.com/componentshop/index.pl?account=general