• info
• discussion
• exploit
• solution
• references

BannerFarm Multiple Cross-Site Scripting Vulnerabilities

These issues can be exploited through a web client.

The following proof-of-concept URIs are available:

http://www.example.com/banners.cgi?aff=[XSS]
http://www.example.com/banners.cgi?aff=&cat=[XSS]