securityvulns SECURITYVULNS:DOC:13855
Aug 11, 2006 - 12:00 a.m.

Dragonfly CMS 9.0.6.1 and prior XSS


HeLiOsZ - Dark End Team - Internet Security Team

Dragonfly CMS 9.0.6.1 and prior XSS

IRC: darkend.sytes.net #darkend, http://darkend.sytes.net & http://www.darkend.org

Risk : Medium

Type : web applet

Creator: http://www.cpgnuke.com/

Exploit:

  • The vulnerability is in the search section, which does not validate its input.
    To exploit it you only need an Internet browser; you only have to use a cookie
    logger to get the portal cookies.
    To check whether a site is vulnerable: <script>alert('This is an XSS Vulnerability')</script>
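The flaw class described above, with its fix, as an added example that is not part of the original advisory and is not Dragonfly CMS code. The function names and the `search` field name are hypothetical; the sample input is the test string from the advisory.

```php
<?php
// Added example: hypothetical search-page rendering, not Dragonfly CMS code.

// Vulnerable pattern: the search term is concatenated into HTML as-is, so any
// markup in the request becomes part of the page the victim's browser runs.
function render_search_unsafe(string $term): string
{
    return '<h2>Results for: ' . $term . '</h2>'
         . '<input type="text" name="search" value="' . $term . '">';
}

// Hardened pattern: encode at output time for the HTML context.
// ENT_QUOTES covers both quote styles, which the attribute context needs;
// ENT_SUBSTITUTE replaces invalid byte sequences instead of returning ''.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_search_safe(string $term): string
{
    return '<h2>Results for: ' . h($term) . '</h2>'
         . '<input type="text" name="search" value="' . h($term) . '">';
}

// Defence in depth against the cookie theft the advisory describes: keep the
// session cookie out of reach of page script. Call before session_start().
// The array form of session_set_cookie_params() needs PHP 7.3 or later.
function harden_session_cookie(): void
{
    session_set_cookie_params([
        'httponly' => true,   // not exposed to document.cookie
        'secure'   => true,   // sent over HTTPS only
        'samesite' => 'Lax',
    ]);
}

// Sample input: the test string from the advisory.
$probe = "<script>alert('This is an XSS Vulnerability')</script>";

echo render_search_unsafe($probe), PHP_EOL; // script element reaches the page intact
echo render_search_safe($probe), PHP_EOL;   // angle brackets and quotes arrive as entities
```

Output encoding is the fix; the HttpOnly flag only limits what an injected script can read if another injection point is missed.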

Dork: Interactive software released under GNU GPL, Code Credits, Privacy Policy

