Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:19982
HistoryJun 06, 2008 - 12:00 a.m.

SchoolCenter URL Handling Cross Site Scripting Vulnerability

2008-06-0600:00:00
vulners.com
14
JSON

SchoolCenter URL Handling Cross Site Scripting Vulnerability

A vulnerability has been identified in SchoolCenter Software, which could be
exploited to conduct cross site scripting attacks. Attackers can run
arbitrary code that can be executed by the user's browser in the security
context of an affected site. Attackers can exploit these issues via a web
client.

Hackers Center Security Group (http://www.hackerscenter.com)
Credit: Doz

Class: Cross Site Scripting
Remote: Yes
Risk: Medium

Product: SchoolCenter
Vendor: http://www.schoolcenter.net
Version: 8.0 & Previous

http://www.site.com/education/components/docmgr/default.php?sectiondetailid=2179&fileitem=477&catfilter=XSS

http://www.site.com/education/components/docmgr/default.php?sectiondetailid=#XSS

http://www.site.com/education/components/scrapbook/default.php?sectiondetailid=#XSS

http://www.site.com/education/district/district.php?sectiondetailid=#XSS

http://www.site.com/education/admin/XSS

http://www.site.com/education/components/XSS

http://www.site.com/education/components/whatsnew/default.php?sectiondetailid=#XSS

JSON