# exploit title: xss in dirList 0.3.0
# date: 4.o3.2o11
# author: lemlajt
# software : dirList @ sourceforge.net
# version: 0.3.0
# tested on: linux
# cve : 

PoC : 

Input passed via the "folder" parameter to dirLIST_0.3.0/index.php is not properly sanitised in dirLIST_0.3.0/index.php before being
displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session 
in context of an affected site.

The vulnerabilities are confirmed in version 0.3.0. Other versions may also be affected.

Edit the source code to ensure that input is properly sanitised.

# regards,
# lemlajt
# *