Advertisements

 BJ Webring cross-site scripting vulnerability

Monday, 12 March 2007

* BJ Webring XSS

* By : sn0oPy

* Risk : high

 
* exploit :

just inject any script on the add link menu : http://www.target.ma/webring/formulaire.php

Dork :

intitle:".: index webring :."

* contact : sn0oPy_at_avenir-geopolitique.net

* greetz : [subzero], http://forums.avenir-geopolitique.net.

reference : http://forums.avenir-geopolitique.net/viewtopic.php?t=2707



Share this content:
        
Advertisements
Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.