TUCoPS :: Web :: Specific Sites :: b06-2049.htm

Alexadex.com players.py XSS Exploit
Alexadex.com players.py XSS Exploit
Alexadex.com players.py XSS Exploit


+++++++++++++++++++++++++++++++++++++=0D
|Alexadex.com players.py XSS Exploit|=0D
+++++++++++++++++++++++++++++++++++++=0D
May 04,2006=0D
=0D
++++++++++++++++++++++++++++++++=0D
|XSS Exploition on alexadex.com|=0D
++++++++++++++++++++++++++++++++=0D
=0D
=0D">http://www.alexadex.com/ad/players?group==0D 
=0D
What this will do is add a group with the name: =0D
=0D
When you click the "Join this group" it sets the injected code to your Portfolio and when viewed it executes the injected code.=0D
=0D
++++++++++++++++++++++++++++++++=0D
EMAIL: skinnypuppy@hush.ai=0D 
=0D
demo: http://www.alexadex.com/ad/user/xss

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH