Home Vendor Advisories Open Source Vul DB Rapid Classified advsearch.asp dosearch Variable XSS

Wednesday, 03 December 2008

Main Menu Home About us Contact us Services Partners Downloads Online Services Remote Support Helpdesk Backup Reminders Partners We ensure the highest level of vendor support for our clients & have established alliances with the following vendors: Services Spotlight Maintenance and Support We provide a full range of hardware and software support based services, onsite and off-site including Monitoring services, Remote management and Service level support. Read more...   Login Username Password Remember me Lost Password? Tech Zone Vendor Advisories Cisco Microsoft Open Source Vul DB Products Industry News

Rapid Classified advsearch.asp dosearch Variable XSS Sunday, 19 November 2006 Rapid Classified contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'dosearch' variable upon submission to the advsearch.asp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more...

This page was loaded in 0.052 seconds.