Bugtraq mailing list archives
Rapid Classified v3.1 [multiple xss (get) & injection sql]
From: saps.audit () gmail com
Date: 19 Nov 2006 15:07:24 -0000
vendor site: http://www.4u2ges.com/ product : Rapid Classified v3.1 bug: multiple xss (get) & injection sql risk : medium injection sql : /viewad.asp?id='[sql] xss : /reply.asp?id=[xss] /view_print.asp?id=[xss] /search.asp?categoryName=1&SH1=[xss] /reply.asp?id=50120815480100001&name=[xss] /advsearch.asp?zipr=1&D1=0&D4=1&zipOpt=20&dosearch=[xss] laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: saps.audit () gmail com
Current thread:
- Rapid Classified v3.1 [multiple xss (get) & injection sql] saps . audit (Nov 20)