Home / os / solaris

blabchat-xss.txt

Posted on 17 October 2007

+==================================================================+ + BlaB! Chat < 3.3 (XSS) Multiple Remote Vulnerabilities + +==================================================================+ Author(s): Ivan Sanchez & Maximiliano Soler Product: BlaB! Chat Web: http://hot-things.net/ Versions: 3.3 (only). Date: 16/10/2007 Not Vulnerable: 4.2 (or superior) GOOGLE DORKS: ------------ [+] inurl:"chat/info.php?reason=link" [+] intitle:"BlaB!" EXPLOIT: -------- For example...after the variable "link" http://www.[DOMAIN].tld/chat/info.php?reason=link=[XSS] NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs! +==================================================================+ + BlaB! Chat < 3.3 (XSS) Multiple Remote Vulnerabilities + +==================================================================+ -- Maximiliano Soler. Reports & Review Code. Null Code Services. www.nullcode.com.ar ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.

 

TOP