| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 22 Nov 2006 23:11:17 -0000 From: gamr-14@...mail.com To: bugtraq@...urityfocus.com Subject: XSS in scriptat support InverseFlow Help Desk v2.31 XSS in scriptat support InverseFlow Help Desk v2.31 :::::::::::::::::::::::::::::::::::::::::::::::::::::: Discovered : SwEET-DeViL & viP HaCkEr & HaCkEr sUn Name scriptat: InverseFlow Help Desk v2.31 tame : AL-garnei K-S-A :::::::::::::::::::::::::::::::::::::::::::::::::::::: #################################################################### [1] in ticketview.php http://www.site.com/support_path/ticketview.php?id=[xss] http://www.site.com/support_path/ticketview.php?email=[xss] http://www.site.com/support_path/ticketview.php?cmd=deletepost&id=[xss] http://www.site.com/support_path/ticketview.php?cmd=deletepost&email=[xss] ################################################################### [2] in ticket.php http://www.site.com/support_path/ticket.php?email=[xss] ################################################################# ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Greetings to all our friends .. ; SwEET-DeViL MiaL is gamr-14@...mail.com or m-0-t@...mail.com
Powered by blists - more mailing lists