Форум АНТИЧАТ

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)
-   Уязвимости (https://forum.antichat.xyz/forumdisplay.php?f=74)
-   -   Сайт МТС (https://forum.antichat.xyz/showthread.php?t=19134)

BlackCats 15.05.2006 15:19
Сайт МТС
 
народ! вот новый сайт у мтс появился! пкоа похожу бажный... при отправлке смс возникло такое:
Код:
Server Error in '/' Application.
The Controls collection cannot be modified because the control contains code blocks (i.e. <% ... %>).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: The Controls collection cannot be modified because the control contains code blocks (i.e. <% ... %>).

Source Error:

Line 45: {
Line 46:        if(StrValue("key0").ToLower() == "sms" || StrValue("sms") == "1")
Line 47:                ShowControl("InsertTagBase.ascx", this);
Line 48: }
Line 49:


Source File: c:\Inetpub\wwwroot\mts_rus\live\page_controls__smsSending_aspx\Title.ascx.cs    Line: 47

Stack Trace:

[HttpException (0x80004005): The Controls collection cannot be modified because the control contains code blocks (i.e. <% ... %>).]
  System.Web.UI.ControlCollection.Add(Control child) +2058239
  Quantumart.QPublishing.QPage.ShowControl(String name, Object sender, Boolean isNS) +710
  Quantumart.QPublishing.QPage.ShowControl(String name, Object sender) +55
  Quantumart.QPublishing.QUserControl.ShowControl(String name, Object sender) +120
  Quantumart.QPublishing.Site49.Title.LoadGeneric(Object sender, EventArgs e) in c:\Inetpub\wwwroot\mts_rus\live\page_controls__smsSending_aspx\Title.ascx.cs:47
  Quantumart.QPublishing.Site49.Title.InitUserHandlers(EventArgs e) in c:\Inetpub\wwwroot\mts_rus\live\page_controls__smsSending_aspx\Title.ascx.cs:52
  Quantumart.QPublishing.QUserControl.OnInit(EventArgs e) +394
  System.Web.UI.Control.InitRecursive(Control namingContainer) +321
  System.Web.UI.Control.AddedControl(Control control, Int32 index) +2065327
  System.Web.UI.ControlCollection.Add(Control child) +146
  Quantumart.QPublishing.QPage.ShowControl(String name, Object sender, Boolean isNS) +710
  Quantumart.QPublishing.QPage.ShowControl(String name, Object sender) +55
  Quantumart.QPublishing.PlaceHolder.OnInit(EventArgs e) +110
  System.Web.UI.Control.InitRecursive(Control namingContainer) +321
  System.Web.UI.Control.InitRecursive(Control namingContainer) +198
  System.Web.UI.Control.AddedControl(Control control, Int32 index) +2065327
  System.Web.UI.ControlCollection.Add(Control child) +146
  Quantumart.QPublishing.QPage.ShowControl(String name, Object sender, Boolean isNS) +710
  Quantumart.QPublishing.QPage.ShowControl(String name, Object sender) +55
  Quantumart.QPublishing.QPage.ShowControl(String name) +33
  Quantumart.QPublishing.Site49.Default_smsSending_aspx.Page_Init(Object sender, EventArgs e) in c:\inetpub\wwwroot\mts_rus\live\smsSending.aspx.vb:48
  System.EventHandler.Invoke(Object sender, EventArgs e) +0
  System.Web.UI.Control.OnInit(EventArgs e) +2069692
  System.Web.UI.Page.OnInit(EventArgs e) +9
  System.Web.UI.Control.InitRecursive(Control namingContainer) +321
  System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +692


Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
вообще пройдитесь - посмориет.. чё тама? www.mts.ru

vectorg 15.05.2006 15:42
_http://www1.mts.ru/search/ в поиске ">[xss]

а это вообще полный лол :)
_http://www1.mts.ru/live/masquarade.aspx?lol
_http://sms.mts.ru//WebResource.axd?d=%27
_http://www1.mymts.ru/wi-fi/where/
_http://www1.mymts.ru/web.config


Время: 18:29