[42262] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

XSS in WBNews < = v1.1.0

daemon@ATHENA.MIT.EDU (dragonjar@gmail.com)
Tue Jan 17 14:09:14 2006

Date: 17 Jan 2006 10:13:22 -0000
Message-ID: <20060117101322.31313.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: dragonjar@gmail.com
To: bugtraq@securityfocus.com

it is possible to be executed I cosay arbitrary within the system wbnews in the field "Name" for example <script>alert("Hello DragoN");</script>

WBNews
http://www.webmobo.com/

DragoN
DragonJAR@gmail.com

home	help	back	first	fref	pref	prev	next	nref	lref	last	post