lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20080206051801.12581.qmail@securityfocus.com>
Date: 6 Feb 2008 05:18:01 -0000
From: no-reply@...a-security.net
To: bugtraq@...urityfocus.com
Subject: Tested on Webmin 1.390

Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
----------------------------------
Tested on Webmin 1.390 Cross Site Scripting

This vuln was tested on Webmin as an administrator account (root) 
and it has worked on the search section (file) of the system.

Value Inserted:
"><script>alert('Discovered By Aria-Security')</script>

Regards,
Aria-Security Team (Persian Security Network)
The-0utl4w
Credits Goes to Aria-Security Team
----------------------------------
for more info visit:
http://forum.aria-security.net/forumdisplay.php?f=60

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ