header-logo
Suggest Exploit
vendor:
VideoGirls
by:
SecurityFocus
3.3
CVSS
MEDIUM
Cross Site Scripting
79
CWE
Product Name: VideoGirls
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

VideoGirls Cross Site Scripting Vulnerabilities

VideoGirls is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials; other attacks are also possible.

Mitigation:

Input validation and output encoding should be used to prevent cross-site scripting attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/36168/info
  
VideoGirls is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data.
  
Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials; other attacks are also possible.

http://www.example.com/view.php?p="><script>alert(document.cookie);</script>