[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

html Guest Gear

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: html Guest Gear
From: pieisgdvgd@xxxxxxxxxxxxx
Date: 27 May 2006 08:43:13 -0000

htmls guest gear (all pages that look like this 
http://htmlgear.tripod.com/guest/control.guest?a=sign) has an exploit where you 
can inject html and javascript into there guestbook by doing the following 

<br iframe src=javascript:alert("hi")>></br>

you can put any html or javascript in there. you can find vunrable page by 
doing the following google search 

site:http://htmlgear.tripod.com/guest/control.guest?a=sign

Prev by Date: Re: Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
Next by Date: [SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities
Previous by thread: Re: Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING
Next by thread: [SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities
Index(es):
- Date
- Thread