ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass
| EKU-ID: 35386 | CVE: CVE-2007-3017;OSVDB-39745 | OSVDB-ID: |
| Author: RedTeam Pentesting | Published: 2007-07-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 35386 | CVE: CVE-2007-3017;OSVDB-39745 | OSVDB-ID: |
| Author: RedTeam Pentesting | Published: 2007-07-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/24898/info activeWeb contentserver is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit these input-validation vulnerabilities to perform various attacks (e.g. cross-site scripting, SQL injection, etc.). http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E