## Security Advisory : Cross-Site Scripting flaw in Simple Directory Listing
##
Discovered by     ==> Amol Naik (amolnaik4_at_gmail_dot_com)

## Overview ##
--------------
Quote from from http://simpledirectorylisting.net/ :
"Simple Directory Listing is a single file php script which functions as
directory listing in an apache http server. It provides many useful
functions like copy, delete, read/write, etc.". There are 21,739,293
downloads from sourceforge.net.


## Vulnerability Description ##
-----------------
Simple Directory Listing is vulnerable to Cross-Site Scripting, allowing
injection
of malicious code in the context of the application.



## Technical Details ##
-------------
Vulnerable Product     : Simple Directory Listing 2.1_beta1
Download        :
http://sourceforge.net/projects/simpledirectory/files/simpledirectorylisting/SDL2.1_beta1/SDL2.1_beta1.zip/download
Vulnerability Type     : Cross-Site Scripting (XSS)
Affected page         : SDL2.php
Vulnerable parameters     : cwdRelPath



## Timeline ##
--------------
Bug Discovered : October 3rd, 2009
Informed Vendor : October 3rd, 2009 but no response received till date.


## Proof of concept ##
----------------------

http://localhost/simpledirectorylisting/SDL2.php?cwdRelPath=
'><script>alert(1)</script>