WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy
From: the_3dit0r@xxxxxxxxx
Date: 26 Jun 2008 20:10:37 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

  Virangar Security Team
  


# Tilte: WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy


# Author..................: [the_Edit0r]
# Homepage ...............: [Www.Virangar.net][www.virangar.ir]
# Location ...............: [Iran]
# Software ...............: [WellyBlog Open Source Blog Portal]
# Site Script ............: [http://sourceforge.net/projects/wellyblog/]
# Virangar Team ..........: [ 
hadihadi,MR.nosrati,black.shadowes,MR.hesy,IGI,Kasra515,N1GHT_F0x ]
# Im Member

--------------------------------------- proof Of Concept 
----------------------------------------


  www.example.com/[path]/edit.php?function=add&articleid=[Xss Script]


------------------------------------------ Contact me 
-------------------------------------------

# Contact me : the_3dit0r[at]Yahoo[dot]coM
# [ Virangar.net]

Prev by Date: [SECURITY] [DSA 1599-1] New dbus packages fix privilege escalation
Next by Date: [USN-621-1] Ruby vulnerabilities
Previous by thread: [SECURITY] [DSA 1599-1] New dbus packages fix privilege escalation
Next by thread: [USN-621-1] Ruby vulnerabilities
Index(es):
- Date
- Thread