Home / os / solaris

efendy-xss.txt

Posted on 03 July 2007

i found a bug on Efendy Blog v1.0 (tr) XSS Vulnerability. i want to publish it on your site. Efendy Blog v1.0 (tr) XSS Vulnerability #Software: Efendy Blog v1.0 (tr) #download: http://www.aspindir.com/goster/4989 #demo: http://www.webixir.com/ #Found By: GeFORC3 ( G3 ) #Example & Exploit : You write xss code in Efendy Blog v1.0 script's search (ara) exp: "><script>alert("G3");</script> Press to "ara"(search) button. This xss works on Efendy Blog v1.0 script's main page ----------------------------------------------------- The POST variable "ara" has been set to "><script>alert("G3");</script> (example xss code) ----------------------------------------------------- WwW.GeFORC3.Org | WwW.HeykirBlog.Com | WwW.NetKaBus.Com

 

TOP