Spymac Web os 4.0 variable XSS

#######################################################
Spymac Web os 4.0 variable XSS
vendor url:http://www.spymac.com/
Advisory:http://lostmon.blogspot.com/2005/09/
spymac-web-os-40-variable-xss.html
Vendor notified : yes exploit avaible : yes
OSVDB ID: 19438
Securitytracker:1014883
########################################################

Spymac is powered by an integrated collection of applications
(developed in-house)that together form "Spymac WOS". Spymac
WOS is an intelligent environment featuring patent-pending
technology that allows for the creation of an immersive and
visually-stunning Web experience.

Spymac flaw that allows a remote cross site scripting attack.
This flaw exists because the application does not validate
'category' variable upon submission to 'index.php script.
This could allow a user to create a specially crafted URL
that would execute arbitrary code in a user's browser within
the trust relationship between the browser and the server,
leading to a loss of integrity.

############
version afected
############

Spymac Web Os 4.0

#########
Solution
#########

No solution at this time

##########
timeline
##########

Discovered : 10 sep 2005
Vendor notify: 10 sep 2005
Vendor response: 10 sep 2005
Disclosure : 10 sep 2005
Public disclosure: 11 sep 2005

############
Examples
############

http://[victim]/index.php?category=1%22%3E%3Cbody%3E%3Ch1%3ESe%20busca
%20H4x0r%3C/h1%3E%3Cp%3E%20es%20peligroso%20y%20va%20armado%3Cbr%3E%20
Lleva%20un%20portatil%20y%20un%20palm%20en%20las%20manos%3Cbr%3E%20si%
20le%20ven%20;%20no%20le%20proporcionen%20conexion%20a%20internet.%3C/p
%3E%3Cp%3E%3C/p%3E3Cimg20src=http://www.ttvn.com.vn/Uploaded/administrator/
hacker.jpg%3E%3Ch1%3EBy%20Lostmon%3C/h1%3E%3C/body%3E

############################# €nd ##########################

THnx To estrella to be my ligth...
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
--
La curiosidad es lo que hace mover la mente....