## HeLiOsZ - Dark End Team - Internet Security Team
## Archangel Weblog 0.90.02 and prior Multiple HTML injections
## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net &
http://www.darkend.org
## Rish : Medium
## Type : web applet
## Creator: http://www.archangelmgt.com/
## Exploit:
- To exploit this issue you must only put your injection in the Name,or the
Comment
section,because that two parts do not sanitize the imput
## Archangel Weblog 0.90.02 and prior Multiple HTML injections
## IRC: darkend.sytes.net #darkend , http://darkend.sytes.net &
http://www.darkend.org
## Rish : Medium
## Type : web applet
## Creator: http://www.archangelmgt.com/
## Exploit:
- To exploit this issue you must only put your injection in the Name,or the
Comment
section,because that two parts do not sanitize the imput
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]