March 1, 2010 Karn Ganeshen

TVS Star City Cross-Site Scripting (XSS)

 +++About TVS Automobiles+++
A Leading automobile company with popular products as TVS Apache, Star City etc having operations in India.

+++Affected URL(s)+++
All website URLs which are using the vulnerable parameter. For example:
http://www.tvsstarcity.com/dealer-locator.asp?id=NEW%20DELHI

+++Vulnerable Parameter(s)+++
‘id’

+++PoC+++

Best Regards.
Tagged: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *