Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
Not specified | CWE-79 (Improper Neutralization of Input During Web Page Generation) | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2006-08-15 |
## HeLiOsZ - Dark End Team - Internet Security Team ## simplog 0.9.3 and prior XSS ## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net & http://www.darkend.org ## Rish : Medium ## Type : web applet ## Creator: http://www.simplog.org/ ## Exploit: - The vuln is in the search section,it don't validate the imput. To exploit this vuln you simply need an Internet Browser,you must only use a cookie logger to get the Blog cookies. To know if it is vulnerable: <script>alert('This is an XSS Vulnerability')</script> ## Dork: allinurl:simplog/archive.php _________________________________________________________________ Don't just search. Find. Check out the new MSN Search! http://search.msn.com/
Copyright ©2024 Exploitalert.