BetaBoard-0.1.txt

BetaBoard-0.1.txt: Posted Apr 19, 2006; Authored by Simon MOREL | Site sysdream.com; BetaBoard v0.1 suffers from XSS.; tags | advisory; SHA-256 | afb8090de3158c1441286466eb7bab63539959beaffbdf162de3255525f01b56; Download | Favorite | View

BetaBoard-0.1.txt

//----- Advisory


Program          : BetaBoard
Homepage         : https://gonzo.uni-weimar.de/~scheffl2/betaboard/
Tested version   : 0.1
Found by         : Simon MOREL <philemon at thehackademy dot net>
This advisory    : Simon MOREL <philemon at thehackademy dot net>
Discovery date   : 2006/04/16



//----- Application description


BetaBoard is a small german forum in which thread list is displayed as an indented tree.  



//----- Description of vulnerability


Malicious JavaScript code can be insert in user's profile.



//----- Proof Of Concept


<script>alert('document.cookie')</script>



//----- Impact


Every user reading evil guy's profile can have his cookie stolen



//----- Credits


Simon MOREL <philemon at thehackademy dot net>
https://www.sysdream.com



//----- Greetings


Celelibi for his English ;>

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

BetaBoard-0.1.txt

BetaBoard-0.1.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

BetaBoard-0.1.txt

Share This

BetaBoard-0.1.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems