4 matches found
Rapid Classified 3.1 advsearch.asp dosearch Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...
Unfixed XSS vulnerability at www.carnegie.ru
Security researcher CrypTIc submitted on 26/07/2007 a cross-site scripting (XSS) vulnerability affecting www.carnegie.ru, which at the time of submission ranked 459270 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/08/2007. It is current...
CVE-2006-6929
Multiple cross-site scripting (XSS) vulnerabilities in Rapid Classified 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) reply.asp or (b) viewprint.asp, the (2) SH1 parameter to (c) search.asp, the (3) name parameter to reply.asp, or the (4) dosearch parameter to ...
Microsoft IIS advsearch.asp Direct Request Remote DoS
The remote instance of IIS includes the sample site 'ExAir'. By calling one of the included Active Server Pages, specifically '/iissamples/exair/search/advsearch.asp', an unauthenticated, remote attacker may be able to cause the web server to hang for up to 90 seconds (the default script timeout) if the...