WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy

---

• From: the_3dit0r@xxxxxxxxx
• Date: 26 Jun 2008 20:10:37 -0000

---

Virangar Security Team



# Tilte: WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy


# Author..................: [the_Edit0r]
# Homepage ...............: [Www.Virangar.net][www.virangar.ir]
# Location ...............: [Iran]
# Software ...............: [WellyBlog Open Source Blog Portal]
# Site Script ............: [http://sourceforge.net/projects/wellyblog/]
# Virangar Team ..........: [ hadihadi,MR.nosrati,black.shadowes,MR.hesy,IGI,Kasra515,N1GHT_F0x ]
# Im Member

--------------------------------------- proof Of Concept ----------------------------------------


www.example.com/[path]/edit.php?function=add&articleid=[Xss Script]


------------------------------------------ Contact me -------------------------------------------

# Contact me : the_3dit0r[at]Yahoo[dot]coM
# [ Virangar.net]

---

• Prev by Date: [SECURITY] [DSA 1599-1] New dbus packages fix privilege escalation
• Next by Date: [USN-621-1] Ruby vulnerabilities
• Previous by thread: [SECURITY] [DSA 1599-1] New dbus packages fix privilege escalation
• Next by thread: [USN-621-1] Ruby vulnerabilities
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2008-06