Active Business Directory 2 Cross Site Scripting

2009-12-22T00:00:00
ID PACKETSTORM:84186
Type packetstorm
Reporter Andrea Bocchetti
Modified 2009-12-22T00:00:00

Description

                                        
                                            `  
  
# Author: Andrea Bocchetti   
# Contact: flashcreazione@gmail.com   
# Homepage : www.geekit.it  
  
  
  
  
  
// Software Info   
# Name : activebusinessdirectory   
# Version : v 2  
# Price : $499.00 USD  
  
  
  
This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.  
Input passed via the "search" parameter to search.asp is  
not properly sanitised before being returned to the user.  
This can be exploited to execute arbitrary HTML   
and script code in a user's browser session  
in the context of an affected site.  
  
  
POC  
  
http://name.com/demoactivebusinessdirectory/searchadvance.asp? <= xss   
  
  
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash  
into a vulnerable application to fool a user in order to gather data from them.  
  
How to fix this vulnerability :  
  
Script should filter metacharacters from user input.`
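
The fix described above, shown as an added example that is not code from the advisory or from the product. It uses output encoding with the built-in `Server.HTMLEncode` and `Server.URLEncode` rather than input filtering. The page layout, variable names and the 100-character limit are assumptions, since the advisory does not show the product's source.

```asp
<%@ Language="VBScript" %>
<%
Option Explicit

' Hypothetical search.asp fragment: the product's real source is not shown
' in the advisory, so the names and markup below are assumptions.
Const MAX_TERM_LEN = 100

Dim rawTerm, term
rawTerm = Request.QueryString("search") & ""   ' coerce a missing value to ""
term = Left(Trim(rawTerm), MAX_TERM_LEN)       ' bound the length before use

' Vulnerable pattern the advisory describes (kept as a comment only):
'   Response.Write "Results for: " & rawTerm
' The browser parses whatever markup the parameter carries.

' Hardened pattern: encode at the point of output, once per output context.
Dim htmlTerm, urlTerm
htmlTerm = Server.HTMLEncode(term)   ' < > & " are emitted as entities
urlTerm  = Server.URLEncode(term)    ' safe inside a query-string value
%>
<p>Results for: <%= htmlTerm %></p>

<form action="search.asp" method="get">
  <!-- The attribute is double-quoted, so an encoded quote cannot close it -->
  <input type="text" name="search" value="<%= htmlTerm %>" maxlength="100">
  <input type="submit" value="Search">
</form>

<a href="search.asp?search=<%= urlTerm %>&amp;page=2">Next page</a>
```

`Server.HTMLEncode` does not encode single quotes, so attribute values that echo the term must stay double-quoted, and the encoded value must not be written into inline script blocks or event handlers.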