source: http://www.securityfocus.com/bid/21527/info CMS Made Simple is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. http://www.example.com/index.php?mact=Search%2Ccntnt01%2Cdosearch%2C0&cntnt01returnid=51&cntnt01searchinput=Enter+Search..."><script>alert(document.cookie)</script>&cntnt01submit=Submit
Related Exploits
Trying to match CVEs (1): CVE-2006-6845Trying to match OSVDBs (1): 32571
Trying to match setup file: 0017ce34a13142fce58a6d16758dd6f1
Other Possible E-DB Search Terms: CMS Made Simple 1.0.2, CMS Made Simple