Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

fr-dyn0.txt

๐Ÿ—“๏ธย 04 Oct 2005ย 00:00:00Reported byย codeslagTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 23ย Views

FriendsReunited.co.uk has a XSS hole in the Lost Password section with medium to high risk of including malicious code

Show more
Code
`FriendsReunited.co.uk - XSS hole  
--------------------------------  
Desc: Theres' a XSS hole in FriendsReunited  
Risk: Medium to High (can be used to include malicious code)  
Discovered by : dyn0 (codeslag{hat}gmail.com) http://0xdeadface.co.uk  
  
Site blurb : So FriendsReunited is one of those places where people   
that you dont really want to talk to can hunt you down and find you.  
  
Hole description : Theres a hole in the Lost Password section  
  
Screenshot : http://0xdeadface.co.uk/fr_xss.JPG  
  
URL : http://www.friendsreunited.co.uk/FriendsReunited.asp  
?wci=forgotton&member_email=%3Cscript%3Ealert(%22shoot%20the%20kids%20at%20school%22);%3C/script%3E&error=Y  
  
You can use this hole to include code...doesn't that make you hard?  
  
Hugs & Kisses dyn0/codeslag  
  
"Cops say you must refrain from smokin, drinkin' & hoppin trains" - LOC`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
04 Oct 2005 00:00Current
xss holelost password sectionmedium to high riskfriendsreunited.co.ukcode inclusion
23
.json
Report