2024-05-26 14:27:05 +02:00
### [CVE-2008-3581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3581)



### Description
Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links allows remote attackers to inject arbitrary web script or HTML via the login_message parameter in a login action.
### POC
#### Reference
- http://securityreason.com/securityalert/4131
2024-06-09 00:33:16 +00:00
- http://securityreason.com/securityalert/4131
2024-05-26 14:27:05 +02:00
- https://www.exploit-db.com/exploits/6192
2024-06-09 00:33:16 +00:00
- https://www.exploit-db.com/exploits/6192
2024-05-26 14:27:05 +02:00
#### Github
No PoCs found on GitHub currently.