Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
TinyMuw v1.0 - XSS Jun 09 2006 07:35AM
luny youfucktard com
TinyMuw v1.0

Homepage:

http://www.l0j1k.com/tinyMuw/index.php

Effected files:

quickchat.php input box

videoPage.php

Input isn't sanatized before being generated in the quickchat.php chatbox. For PoC try putting:

<IMG SRC=javascript:alert('XSS')> in as your comment.

Full path disclosu...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus