header-logo
Suggest Exploit
vendor:
Gnuturk
by:
Unknown
N/A
CVSS
N/A
Cross-Site Scripting
79
CWE
Product Name: Gnuturk
Affected Version From: Gnuturk 3G
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
2007

Cross-Site Scripting in Gnuturk

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24152/info

Gnuturk is prone to a cross-site scripting vulnerability.

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Gnuturk 3G is vulnerable to this issue.

http://www.target.com/mods.php?go=News&p=ln&year=2007&month="><h1>Vagrant</h1><script>alert(document.cookie)</script>

Navigation

Suggest Exploit

Services By CQR