ReBB javascripts vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@securityfocus.com
Subject: ReBB javascripts vulnerability
From: skizzik@imail.ru
Date: Mon, 04 Mar 2002 18:44:33 +0300

  Hi!

    Another php - board named ReBB 
(http://www.rebb.net) has a [img] vulnerability. 
   
  Exploit:
    Use this string (my favorite :)) - 
[img]javascript:alert('test')[/img]

  Possible decision:    
    All urls in [img] tag should start with http://

                                SliderGod

Prev by Date: Re: the dangers of disclosing vulnerabilities when the guilty party is ignorant of industry standards
Next by Date: Security Update: [CSSA-2002-SCO.7] OpenServer: multiple vulnerabilities in squid
Previous by thread: Re: the dangers of disclosing vulnerabilities when the guilty party is ignorant of industry standards
Next by thread: Security Update: [CSSA-2002-SCO.7] OpenServer: multiple vulnerabilities in squid
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux