Walla TeleSite 3.0 ts.exe sug Parameter XSS

2005-11-15T00:00:00
ID EDB-ID:26507
Type exploitdb
Reporter Rafi Nahum
Modified 2005-11-15T00:00:00

Description

Walla TeleSite 3.0 ts.exe sug Parameter XSS. CVE-2005-3577 . Webapps exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/15419/info
 
Walla TeleSite is prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input.
 
Walla TeleSite is prone to information and path disclosure, file enumeration, SQL injection, and cross-site scripting attacks within the context of the victim's Web browser and the affected computer.
 
Other attacks are also possible.
 
Walla Telesite version 3.0 is affected; earlier versions are also affected. 

http://www.example.com/ts.exe?tsurl=0.52.0.0&tsstmplt=search_tour&sug=%61%61%61'%20<script>alert()</script>