|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
IpLogger <= 1.7 XSS
zerogue
gmail.com
Date: Mon May 22 2006 - 14:08:45 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
IpLogger <= 1.7 XSS
Discovered by: Nomenumbra
Date: 21/5/2006
impact:moderate (potential privilege escalation,possible defacement)
tjthedj's IpLogger (http://tjthedj.us/projects/iplogger/) suffers from XSS in a user's useragent.
It is possible to construct a useragent containing javascript, thus
being displayed to the user once he check's the logs.
Nomenumbra
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]