advisory-09.txt

advisory-09.txt: Posted Jul 18, 2004; Authored by DarkBicho; Outblaze email suffers from a cross site scripting flaw.; tags | advisory, xss; SHA-256 | 2e3fb75d7c154d7b6b50aaad88ab9ae8b9d1380f03794f14958361957ee8087c; Download | Favorite | View

advisory-09.txt

original advisory: https://www.swp-zone.org/archivos/advisory-09.txt
-------------------------------------------------------------------------------------------------

                            :.: Cross-Site Scripting email Outblaze :.: 

  PROGRAM: Outblaze Email
  HOMEPAGE: https://www.outblaze.com/
  BUG: Cross-Site Scripting
  DATE:  23/05/2004
  AUTHOR: DarkBicho
          Web: https://www.darkbicho.tk
          team:  Security Wari Proyects <www.swp-zone.org>
     PerUnderforce <www.perunderforce.tk>
          Email: darkbicho@peru.com

-------------------------------------------------------------------------------------------------

1.- Intro:
    ~~~~~~ 
    
    Outblaze Web based e-mail supports SMTP and POP3 Internet protocols,
    which allows it to be used 
    as a front-end to multiple e-mail accounts.  

    some Web that uses Outblaze Email

    linumail.org, Peru.com, bolivia.com y colombia.com etc.


2.- Exploit:
    ~~~~~~~

    In order to operate this coarse single fault with sending following
    code HTML:

    <IMG SRC="javasc&#X0A;ript:alert (document.cookie)";" border="0"
    height="1" width="1">

    Example:

    https://www.swp-zone.org/archivos//linuxmail.gif

3.- Test:
    ~~~~


    https://darkbicho.iberhosting.net/email/



4.- Greetings:
    ~~~~~~~~~

    greetings to my Peruvian group swp, perunderforce.
    "EL PISCO ES Y SERA PERUANO"


5.- Contact
    -------

    WEB: https://www.darkbicho.tk
    EMAIL: darkbicho@peru.com
  
-------------------------------------------------------------------------------------------------
                                ___________      ____________ 
                               /   _____/  \    /  \______   \   
                               \____   \\   \/\/   /|     ___/      
                              /         \\        / |    |        
                             /_____ __  / \__/\  /  |____|       
                             \/       \/        
                                Security Wari Projects 
                                  (c) 2002 - 2004
                        Made in Peru

----------------------------------------[   EOF   
]----------------------------------------------
 
  
  
DarkBicho  
Web: https://www.darkbicho.tk
"Mi unico delito es ver lo que otros no pueden ver"

---------------------- The End ----------------------

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

advisory-09.txt

advisory-09.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

advisory-09.txt

Share This

advisory-09.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems