vendor site: http://www.creascripts.com/ product:creadirectory bug: injection sql & xss risk : medium injection sql: /search.asp?search=1&submit=Search&category='[sql] xss: /addlisting.asp?cat=[xss] /search.asp?search=[xss] laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.