Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Full-disclosure] Advisory:XSS vulnerability on WebWiz Forums <= 6.34 (search_form.asp)

Date: Mon Jan 09 2006 - 21:39:42 CST

--Security Report--
Advisory:XSS vulnerability on WebWiz Forums <= 6.34 (search_form.asp)
Date: 08/01/06 07:19 PM
ICQ: 10072
MSN/Email: nukedxnukedx.com
Web: http://www.nukedx.com

About: Via this method the WebWiz Forums <= 6.34 are being subjected to an
attack namely XSS attack a.k.a "Cross Site Scripting".The attacker, with the
help of user clicking to the exploited, is able to inject a code with
the link.

Example &

Solution: This vulnerability has been fixed WebWiz products >= 7.01

 From the NWPX team,
nuker a.k.a nukedx

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/