SAINT Corporation XSS Defacement

07.11.2010

da d3v1l

http://security-sh3ll.blogspot.com/2010/07/saint-corporation-xss-defacement.html



SAINT Corporation provides network security tools to financial, government and educational institutions around the world (SAINT customers). The SAINT® vulnerability assessment tools are recognized as industry leaders by top information-security organizations and publications.

The SAINT Corporation website is vulnerable to cross-site scripting, HTML injection and redirect.

Proof of concept:




http://www.saintcorporation.com/cgi-bin/archive.pl?cmd=search&list=HTML Injection






http://www.saintcorporation.com/cgi-bin/archive.pl?cmd=index&list=XSS
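Both URLs above put the injected content in the `list` parameter of archive.pl. The following is an added example, not the site's code and not part of the original post: a Python stand-in for the Perl CGI that shows a handler reflecting `list` unencoded beside one that validates `cmd` and `list` and HTML-encodes whatever is echoed. The function names, the list-name pattern and the sample inputs are assumptions made for illustration.

```python
import html
import re
from urllib.parse import parse_qs

# The two cmd values that appear in the URLs above.
ALLOWED_CMDS = {"search", "index"}
# Assumed shape of a legitimate list name (hypothetical; the page does not define one).
LIST_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")


def render_unsafe(query: str) -> str:
    """Reflects `list` into markup as-is, the behaviour the URLs above depend on."""
    params = parse_qs(query, keep_blank_values=True)
    name = params.get("list", [""])[0]
    return f"<h1>Archive: {name}</h1>"


def render_safe(query: str) -> tuple[int, str]:
    """Validate cmd and list, then encode anything that is still echoed."""
    params = parse_qs(query, keep_blank_values=True)
    cmd = params.get("cmd", [""])[0]
    name = params.get("list", [""])[0]
    if cmd not in ALLOWED_CMDS:
        # Fixed message: nothing from the request is reflected here.
        return 400, "<h1>Unknown command</h1>"
    if not LIST_NAME.fullmatch(name):
        # Escape the echoed value so the error page is not itself injectable.
        return 400, f"<h1>No such list: {html.escape(name, quote=True)}</h1>"
    return 200, f"<h1>Archive: {html.escape(name, quote=True)}</h1>"


# Constructed sample query strings (not taken from the page).
BENIGN = "cmd=index&list=announce"
MARKUP = "cmd=search&list=%3Cb%3Einjected%3C%2Fb%3E"

if __name__ == "__main__":
    print(render_unsafe(MARKUP))  # markup reaches the page intact
    print(render_safe(MARKUP))    # rejected, and the echo is entity-encoded
    print(render_safe(BENIGN))    # normal request still works
```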

