The horizon of a sub-Station back to bypass-vulnerability warning-the black bar safety net

2013-05-15T00:00:00
ID MYHACK58:62201338758
Type myhack58
Reporter 佚名
Modified 2013-05-15T00:00:00

Description

The horizon of a sub-station in background to bypass leaked some user information!

  1. Background privileges to bypass the http://younghainan.tianya.cn/admin888/left.aspx ban js

Leaked some information on the Ah Pro! To thehackingto get the user information on what to do.

There seemed to be background injection!

<

There is a reflectionxss http://3g.tianya.cn/sch/sch.jsp?vu=64708302265&k=%2 2%3E%3Cscript%3Ealert%2 8%27XSS%2 7% 2 9%3B%3C%2Fscript%3E%3C%2 2&t=2

Vulnerability proof:

!

!