SkyeShoutbox <= v.1.2.0 XSS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: SkyeShoutbox <= v.1.2.0 XSS
From: zerogue@xxxxxxxxx
Date: 22 May 2006 19:11:45 -0000

SkyeShoutbox <= v.1.2.0 XSS

Discovered by: Nomenumbra
Date: 21/5/2006
impact:moderate (possible defacement)

SkyeShoutbox doesn't filter any input at all, thus 
allowing attackers to inject arbitrary html or javascript.

Nomenumbra

Prev by Date: Russcom Ping Remote code execution
Next by Date: Kaspersky antivirus 6: HTTP monitor bypassing
Previous by thread: Russcom Ping Remote code execution
Next by thread: Kaspersky antivirus 6: HTTP monitor bypassing
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux