Re: [Full-Disclosure] home land tracker software

From: Clint Bodungen (clint_at_secureconsulting.com)
Date: 02/06/04

  • Next message: Stefan Esser: "Re: [Full-Disclosure] Interesting side effect of the new IE patch"
    To: "Logan5" <Logan5@Logan5.com>, <full-disclosure@lists.netsys.com>
    Date: Fri, 6 Feb 2004 16:37:03 -0600
    
    

    You misstyped your syntax... it should be:

    <script>alert('secured!')</script>

    But yes you are right.

    ----- Original Message -----
    From: "Logan5" <Logan5@Logan5.com>
    To: <full-disclosure@lists.netsys.com>
    Sent: Friday, February 06, 2004 3:06 PM
    Subject: RE: [Full-Disclosure] home land tracker software

    > LOL
    >
    > The NAMECHECK dialog is succeptable to XSS. Enter the following into
    > any of the fields:
    >
    > <script>alert('secured!')</alert>
    >
    > -L5
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Stefan Esser: "Re: [Full-Disclosure] Interesting side effect of the new IE patch"

    Relevant Pages

    • Re: [Full-disclosure] Arin.net XSS
      ... It works in IE just fine and probably some other browsers. ... This prevents the script from being interpreted properly via the Address bar. ... Subject: [Full-disclosure] Arin.net XSS ... I think that XSS in many instances is a serious issues. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] yahoomail dom based xss vulnerability
      ... I do know about DOM and XSS, I wasn't able to reproduce this bug on my end ... that's all the story Bro, hope you understand what i really want to say. ... [Full-disclosure] yahoomail dom based xss vulnerability ... Hosted and sponsored by Secunia - ...
      (Full-Disclosure)
    • RE: [Full-disclosure] Re: Arin.net XSS
      ... You need to copy and paste the full URL into your browser for the XSS to take place. ... Full-Disclosure - We believe in it. ... If you have received this email in error please notify the system manager. ... message contains confidential information and is intended only for the individual named. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Vulnerability-lab.com XSS
      ... [image: Vulnerability-lab.com XSS - HackTalk Security] ... Full-Disclosure - We believe in it. ... Hosted and sponsored by Secunia - http://secunia.com/ ... can't manipulate other visitors User-Agent header. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Vulnerability-lab.com XSS
      ... yur havin great time tryin to figure out how badly this list got owned,off ... Subject: [Full-disclosure] Vulnerability-lab.com XSS ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)