header-logo
Suggest Exploit
vendor:
WmsCMS
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name: WmsCMS
Affected Version From: WmsCMS 2.0
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Not available
CPE: Not available
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Cross-Site Scripting Vulnerabilities in WmsCMS

WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser. Attackers could exploit these issues to steal cookie-based authentication credentials from legitimate users of the site; other attacks are also possible.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24365/info

WmsCMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input data before rendering it in a user's browser.

Attackers could exploit these issues to steal cookie-based authentication credentials from legitimate users of the site; other attacks are also possible.

WmsCMS 2.0 is vulnerable; other versions may also be affected. 

http://www.example.com/4print.asp?p=60&sbl=>">[XSS]
http://www.example.com/4print.asp?p=60&sbr=>">[XSS]

Navigation

Suggest Exploit

Services By CQR