[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Exploitation Realm in Ajax Based Load Tab Modules

To: full-disclosure@xxxxxxxxxxxxxxxxx, websecurity@xxxxxxxxxxxxx, pen-test@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Exploitation Realm in Ajax Based Load Tab Modules
From: Aditya K Sood <zeroknock@xxxxxxxxxxx>
Date: Fri, 04 May 2007 08:29:44 +0530

Hi all

This analysis compose of the active module checking derived from
AJAX based applications.This vulnerability or bad programming practise
 makes the web application vulnerable to XSS scripting and other
Javascript injections.

A very definitive analysis have been undertaken. You can look at the
desired issue at :

http://zeroknock.blogspot.com/2007/05/cutting-edge-research-analysis.html
http://zeroknock.metaeye.org/analysis/

Regards
Aditya K Sood
[MSG} Founder , Metaeye Security G

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Month of ActiveX Bug
Next by Date: [Full-disclosure] rPSA-2007-0085-1 lftp
Previous by thread: [Full-disclosure] XSS in secure.somethingawful.com at Something Awful AGAIN.
Next by thread: [Full-disclosure] rPSA-2007-0085-1 lftp
Index(es):
- Date
- Thread