BizDirectory <== 2.04 Cross-Site Scripting Vulnerabilities

2008-09-04T00:00:00
ID SECURITYVULNS:DOC:20448
Type securityvulns
Reporter Securityvulns
Modified 2008-09-04T00:00:00

Description

Dear Securiteam moderator: I found a bug in BizDirectory that allows to us to occur a Cross-Site Scripting on a Remote machin. It works tested with the Vulnerable Software 2.04. An Exploit Released For This Vulnerability. A Full Description Can be found in the document:

Islamic Republic Of Iran Security Team

Www.IrIsT.Ir

BizDirectory <== 2.04 Cross-Site Scripting Vulnerabilities

Download......: http://www.idevspot.com

Bug Found.....: IrIsT™

discovery.....: Am!r

contact.......: Admin [at] IrIsT.ir

Exploit.......: http://[site]/[path]/?page=[XsS]&mode=search

Google Search.: "Powered By BizDirectory 2.04" Or Inurl:"BizDirectory2.04"

SP TNX........: dr.flaghk