[VIM] ASP-DEV XM Forum RC3 XSS - unable to verify
Steven M. Christey
coley at mitre.org
Thu Dec 15 01:47:00 EST 2005
Apparent reporter: Dj_Eyes
BID: 15858
Original report not locatable.
Claim: XSS in forum.asp via forum_title, in ASP-DEV XM Forum RC3
Problem:
> lynx 'http://www.asp-dev.com/download.asp?did=1'
> unzip ASPXMForum-RC3.zip
> cd Forum_RC3/
> grep -i forum_title `find . -type file`
--> yields nothing
> grep -i forum_id `find . -type file`
--> yields nothing
(and leave me alone about my little find lameness)
Note: might be AliveSites instead.
- Steve
More information about the VIM
mailing list