Bugtraq mailing list archives
phazizGuestbook v2.0 - XSS
From: luny () youfucktard com
Date: 8 Jun 2006 21:49:05 -0000
phazizGuestbook v2.0 Homepage: http://www.devhome.de/#english_version Effected files: input boxes of name, email, url, text. XSS Vulnerability: None of these input boxes sanatize user input before generating it. for PoC put <IMG SRC=javascript:alert(�XSS')> in any of the above boxes.
Current thread:
- phazizGuestbook v2.0 - XSS luny (Jun 09)