IpLogger <= 1.7 XSS

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: IpLogger <= 1.7 XSS
From: zerogue@xxxxxxxxx
Date: 22 May 2006 19:08:45 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

IpLogger <= 1.7 XSS

Discovered by: Nomenumbra
Date: 21/5/2006
impact:moderate (potential privilege escalation,possible defacement)

tjthedj's IpLogger (http://tjthedj.us/projects/iplogger/) suffers from XSS in a 
user's useragent.
It is possible to construct a useragent containing javascript, thus
being displayed to the user once he check's the logs.

Nomenumbra

Prev by Date: DSChat <= 1.0 XSS
Next by Date: QBv14 XSS
Previous by thread: DSChat <= 1.0 XSS
Next by thread: Re: IpLogger <= 1.7 XSS
Index(es):
- Date
- Thread