Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

zoomblogJS.txt

๐Ÿ—“๏ธย 08 Nov 2005ย 00:00:00Reported byย sikikmailTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 21ย Views

Zoomblog vulnerable to javascript injection via <img> tag

Show more
Code
`DETAILS  
Zoomblog is prone to javascript injection attacks.   
Zoomblog does not adequately filter <img> tags from various fields.   
It is possible for a malicious Zoomblog user to inject hostile javascript code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of Zoomblog.  
  
EXAMPLE  
Write a comment with this code: <img src='javascript:void(0);' alt='' height=888888 width=888885 border=0>  
  
  
EXPLOIT  
There is no exploit required.  
  
  
HOMEPAGE  
http:/zoomblog.com  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
08 Nov 2005 00:00Current
7.4High risk
Vulners AI Score7.4
zoomblogjavascript injectionimg tagssecurity vulnerability
21
.json
Report