Advisory #1 (2009)
############################
# Website: dmoz.org
# Bug: HTML Injection, XSS
# Date: 15.01.09
###########################
Vulnerable URL: http://search.dmoz.org/cgi-bin/search?search=
Click here for a demo
Next screenshot to show the presence of XSS bug
Click here for demo
Fix input validation in these pages for better security.
Cheers,
Kish
Thursday, January 15, 2009
XSS in DMOZ Search
Labels:
Crimemachine,
dmoz,
Hack,
Hacking,
HTML Injection,
Insecure,
Insecure Times,
Web Hacking,
Whack,
XSS
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment