[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
BJ Webring XSS
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: BJ Webring XSS
- From: sn0oPy.team@xxxxxxxxx
- Date: 3 Mar 2007 15:15:20 -0000
* BJ Webring XSS
* By : sn0oPy
* Risk : high
* exploit :
just inject any script on the add link menu :
http://www.target.ma/webring/formulaire.php
Dork :
intitle:".: index webring :."
* contact : sn0oPy@xxxxxxxxxxxxxxxxxxxxxxx
* greetz : [subzero], http://forums.avenir-geopolitique.net.
reference : http://forums.avenir-geopolitique.net/viewtopic.php?t=2707