BtitTracker 1.4 XSS
Several fields are not sanitized for dangerous characters or for keywords such as javascript.
=email field=
When a new user registers, any value can be entered, and while the account is still in "validating" mode the email can be changed to something like "><plaintext>
The field is 30 characters long, so it is hard to exploit it for XSS successfully.
=UserSearch field=
It is not checked for dangerous characters.
Example:
http://localhost/tracker/users.php?searchtext="><plaintext>
=ForumTopicSubject=
When writing a new topic in the forums, the subject field isn't sanitized. The field is 40 characters long, which is enough for an exploit.
=Avatar=
Yes, the avatar too. When you change your profile you can try to put something like
"><script>alert(1)<script>
but this is not very exploitable, because only the user who is changing the profile can be XSS-ed.
There is another way with
javascript:alert(1)
but this one works only for Opera and IE.
Firefox survived again.
Further info here: http://www.btiteam.org/smf/index.php?topic=6625.0
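
The fix for all four fields is the same two checks: encode on output, and restrict the avatar URL to http(s). The block below is an added example, not BtitTracker's own code or the vendor's patch; html_out() and safe_avatar_url() are hypothetical helper names and the sample inputs are constructed from the strings shown above.

```php
<?php
// Added example: hypothetical helpers, not part of BtitTracker.

// Encode a value for an HTML text node or a quoted attribute value.
function html_out(string $value): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close the attribute
    // it is printed into; ENT_SUBSTITUTE replaces invalid UTF-8 sequences.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Return the avatar URL if it is an absolute http(s) URL, otherwise null.
function safe_avatar_url(string $url): ?string
{
    $url = trim($url);
    // Reject whitespace and control characters anywhere in the URL.
    if (preg_match('/[\x00-\x20\x7f]/', $url)) {
        return null;
    }
    $parts = parse_url($url);
    // A scheme and a host are both required, so "javascript:..." (scheme, no
    // host) and raw markup (no scheme at all) are rejected.
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    return $url;
}

// Constructed sample: the search text from the users.php example above.
$search = '"><plaintext>';
echo '<input type="text" name="searchtext" value="' . html_out($search) . '">', "\n";

// Constructed samples: one ordinary avatar URL and the two avatar inputs above.
$avatars = ['http://example.com/a.png', 'javascript:alert(1)', '"><script>alert(1)<script>'];
foreach ($avatars as $avatar) {
    $ok = safe_avatar_url($avatar);
    echo $ok === null
        ? "avatar rejected\n"
        : '<img src="' . html_out($ok) . '" alt="avatar">' . "\n";
}
```

The scheme check has to run when the avatar is saved and the encoding when it is printed, since the avatar is shown to other users while the reflected search text only reaches the requester.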