Unfixed XSS vulnerability at www.bsmparty.de

ID XSSED:72126
Type xssed
Reporter SolarFlare
Modified 2011-12-22T00:00:00


Security researcher SolarFlare submitted, on 18/02/2011, a cross-site scripting (XSS) vulnerability affecting www.bsmparty.de, which at the time of submission ranked 218809 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 22/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.bsmparty.de/partycam.php?gall_id=1&show_user=99%20union%20select%201,2,3,4,5,0x273c7363726970743e616c657274282258535322293b3c2f7363726970743e27%20--