Hackernetwork Mail Xss[Search] Vulnerability

ajannhwt Thu, 25 May 2006 13:57:26 -0700

New Xss Hackernetwork Mail Vulnerability


Hackernetwork Mail Xss[Search] Vulnerability


ENGLISH


#Title : Hackernetwork Mail Xss[Search] Vulnerability


#Author: ajann


Example;


http://hackernetwork.mail.everyone.net/email/scripts/contacts.pl?goToMenu=&EV1=11481394101759371&ab_to=&deleteFlag=&pageNumber=0&matchString=XSS(Url
 
Encode)&matchField=firstName&sortOrder=asc&&addrBook=personal&search_matchField=firstName


TURKISH


#Title : Hackernetwork Mail Xss[Search] Vulnerability


#Author: ajann


Örnek;


http://hackernetwork.mail.everyone.net/email/scripts/contacts.pl?goToMenu=&EV1=11481394101759371&ab_to=&deleteFlag=&pageNumber=0&matchString=XSS
 
KODUNUZ&matchField=firstName&sortOrder=asc&&addrBook=personal&search_matchField=firstName


Aç&#305;klama:


Adres defterinde bulunan filtreleme eksikli&#287;i nedeniyle ararken xss 
yedirilebilmektedir.

Bir loglama scripti yazarak &#351;ifre ve kullan&#305;c&#305; ad&#305;n&#305; 
encodesiz ele geçirebilirsiniz.

Hackernetwork Mail Xss[Search] Vulnerability

Reply via email to