<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: CSS implication

Re: CSS implication

From: Bill Weiss <houdini_at_nmt.edu>
Date: Sun, 17 Mar 2002 22:31:15 -0700

Frog Man(leseulfrog_at_hotmail.com)@Sun, Mar 17, 2002 at 06:40:24PM +0100:
> I'm not sure but I think that SSI can be used with CSS.
> Then we can include file :, execute
> commands  and execute CGI script
> .
> If that's false, please say it to me.
> Sorry for my bad englsih :)
> frog-m_at_n

If (a big if) the server supports SSI, and the injected bit of script is held
in an HTML file or something else parsed by the server instead of sent directly
to the user (like a CGI), then SSI would work.

-- 
Bill Weiss

Received on Mar 18 2002

This message: [ Message body ]
Next message: Cushing, David: "RE: Stolen source?"
Previous message: Matt Priestley: "RE: CSS implication"
In reply to: Frog Man: "Re: CSS implication"
Next in thread: zero: "Re: CSS implication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos