Sunday, December 21, 2008

West Bengal Web Coding Standards (WBWCS) !


###################################
# Website: http://www.wbhealth.gov.in
# Bug: XSS
# Date: 22.12.08
##################################

Vulnerable URL: hxxp://www.wbhealth.gov.in (Site-Search feature)
Pages: site_search.asp, and site_search_result.asp

Text book style XSS for you ladies and gentlemen

Courtesy: Hash Technologies presents West Bengal Web Coding Standards (WBWCS) !

Fix input validation in the search box for god's sake before people ruin the website.

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , , ,

And it is such a mystery ;)

And it is such a mystery why HSBC bank gets whacked, and phished a lot...


They've not fixed the bug (XSS) just yet, which was posted 3 months earlier...
Posted by at No comments:
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)