[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] XSS vulnerabilty on eenmiljardseconden.frankdeboosere.be

To: coderman <coderman@xxxxxxxxx>
Subject: Re: [Full-disclosure] XSS vulnerabilty on eenmiljardseconden.frankdeboosere.be
From: Dodi Ara <dodi.ara@xxxxxxxxx>
Date: Tue, 17 Jul 2012 00:43:50 +0700

no pic for POC??

On 7/16/12, coderman <coderman@xxxxxxxxx> wrote:
> On Mon, Jul 16, 2012 at 12:23 AM, Yvan Janssens <Yvan.Janssens@xxxxxxxxx>
> wrote:
>>....
>> I found an XSS vulnerability in
>> http://eenmiljardseconden.frankdeboosere.be/
>> . This vulnerability was possible due to invalid input validation/bad
>> programming. The owner  was contacted and a satiric fix was deployed.
>> ...
>> It is now solved, and if you try to execute it again, you get a link to
>> Rick
>> Astley’s  “Never gonna give you up” on YT.
>
> priceless! ++
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] XSS vulnerabilty on eenmiljardseconden.frankdeboosere.be
  - From: Yvan Janssens
- Re: [Full-disclosure] XSS vulnerabilty on eenmiljardseconden.frankdeboosere.be
  - From: coderman

Prev by Date: Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
Next by Date: Re: [Full-disclosure] Linux - Indicators of compromise
Previous by thread: Re: [Full-disclosure] XSS vulnerabilty on eenmiljardseconden.frankdeboosere.be
Next by thread: Re: [Full-disclosure] CRYPTO-GRAM, July 15, 2012
Index(es):
- Date
- Thread