Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Wbb 2.3. xss
From: Adrian <adrian () planetcoding net>
Date: Sat, 4 Mar 2006 20:32:03 +0100
Thats not a real problem.
You need a valid acp session id which is impossible to get unless you
compromise the system of an administrator (it's not stored in a
cookie).
Additionally it's in the admin cp, so it's not exploitable by bad
people unless you give them acp access.

  By Date           By Thread  

Current thread:
  • Wbb 2.3. xss r57shell (Mar 04)
    • Re: Wbb 2.3. xss Adrian (Mar 06)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]