phpGreetCards XSS Vulnerabilities

{"type": "zdt", "lastseen": "2016-04-20T02:28:12", "bulletinFamily": "exploit", "cvelist": [], "history": [], "title": "phpGreetCards XSS Vulnerabilities", "published": "2010-04-23T00:00:00", "href": "http://0day.today/exploit/description/11947", "cvss": {"vector": "NONE", "score": 0}, "description": "Exploit for php platform in category web applications", "hash": "f8f57671ea0c487503a60ac9dd64e55ab7e85483c99fdbb991c9711b17466bc6", "references": [], "objectVersion": "1.0", "edition": 1, "sourceData": "=================================\r\nphpGreetCards XSS Vulnerabilities\r\n=================================\r\n\r\n[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]\r\n>> General Information \r\nAdvisory/Exploit Title = phpGreetCards XSS Vulnerabilities\r\nAuthor = Valentin Hoebel\r\nContact = valentin@xenuser.org\r\n\r\n \r\n[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]\r\n>> Product information\r\nName = phpGreetCards\r\nVendor = W2B\r\nVendor Website = http://www.w2bpm.com/\r\nAffected Version(s) = 3.7\r\n\r\n\r\n[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]\r\n>> #1 Vulnerability\r\nMultiple XSS possibilities on multiple parameters, e.g. when creating an ecard:\r\n\r\nindex.php?mode=select&category=XX&card[image]=XX&card[sender_name]=~XSS~&card[sender_email]=XX&card[recip_name]=~XSS~&card[recip_email]=XX&card[stamp]=XX&card[bg]=%23B8C2C9&card[font_color]=%23A2ABB1&card[category]=XX&PHPSESSID=XX\r\n\r\n\r\n[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]\r\n>> Additional Information\r\nAdvisory/Exploit Published = 22.04.2010\r\n\r\n\r\n[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]\r\n>> Misc\r\nGreetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!\r\n\r\n\r\n[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]\r\n\r\n\r\n\n\n# 0day.today [2016-04-20] #", "id": "1337DAY-ID-11947", "sourceHref": "http://0day.today/exploit/11947", "modified": "2010-04-23T00:00:00", "reporter": "Valentin Hobel", "enchantments": {"vulnersScore": 3.7}}