| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060404184256.4195.qmail@securityfocus.com>
Date: 4 Apr 2006 18:42:56 -0000
From: o.y.6@...mail.com
To: bugtraq@...urityfocus.com
Subject: ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection
] MultBugz
ArabPortal Bugs :-
ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz
BugTraqz :- D3vil-0x1 | Devil-00
Visit Palestine :- www.palestineonly.com
/*
1- /forum.php?action=view&id=1&cat_id=3&adminJump=D3vil-0x1[HTML - XSS ]
2- /forum.php?action=view&id=1&cat_id=3&forum_middle=D3vil-0x1[HTML - XSS ]
//*
3- /forum.php?mineID=[SQL Injection]
*//
4- /members.php?action=changepass&form=D3vil-0x1[HTML - XSS ]
5- /members.php?action=edit&form=D3vil-0x1[HTML - XSS ]
6- /pm.php?action=reply&form=D3vil-0x1[HTML - XSS ]
7- /pm.php?action=sendmsg&form=D3vil-0x1[HTML - XSS ]
8- /mail.php?action=sendpage&form=D3vil-0x1[HTML - XSS ]
9- /mail.php?action=sendtome&form=D3vil-0x1[HTML - XSS ]
10- /mail.php?action=sendtousers&userid=1&form=D3vil-0x1[HTML - XSS ]
*/
Powered by blists - more mailing lists