Unfixed XSS vulnerability at phome.net

ID XSSED:70571
Type xssed
Reporter Wong Chieh Yie
Modified 2011-11-12T00:00:00


Security researcher Wong Chieh Yie, has submitted on 09/11/2010 a cross-site-scripting (XSS) vulnerability affecting phome.net, which at the time of submission ranked 6559 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://phome.net/e/enews/?enews=DoForPl&plid=5&classid=6&id=7&dopl=1&doajax=1&ajaxarea=<script>alert(/Xssed By Pierre/)</script>