PhpBB Xs 2 profile.php Permanent Xss Vulnerability

h3llcodehotmail.it
Date: Thu Sep 20 2007 - 11:35:14 CDT


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

PhpBB Xs 2 profile.php Permanent Xss Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#Found By Seph1roth

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

[POST METHOD]

Corrupted page: profile.php?mode=editprofile&cpl_mode=profile_info

Bugged Variable: "selfdes" (field "Altre informazioni", i.e. "Other information")

Xss: </textarea>[XSS STRING]
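
An added example, not part of the original post and not phpBB XS source code: it shows why a stored "selfdes" value that contains a closing textarea tag escapes the edit form when it is written back verbatim, next to the output-encoded form and a regression check. The function names, the form markup and the sample values are assumptions made for illustration.

```php
<?php
// Added illustration; not phpBB XS code. Markup and names are assumed.

// Vulnerable pattern: the stored value is written into the form verbatim.
function render_selfdes_unsafe(string $selfdes): string
{
    return '<textarea name="selfdes">' . $selfdes . '</textarea>';
}

// Hardened pattern: encode on output so the value stays text inside the element.
function render_selfdes_safe(string $selfdes): string
{
    $encoded = htmlspecialchars($selfdes, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<textarea name="selfdes">' . $encoded . '</textarea>';
}

// Regression check: a correctly rendered field contains exactly one closing
// textarea tag, and decoding its content gives back the stored value.
function field_is_contained(string $html, string $stored): bool
{
    if (substr_count(strtolower($html), '</textarea') !== 1) {
        return false;
    }
    if (!preg_match('~<textarea name="selfdes">(.*)</textarea>~s', $html, $m)) {
        return false;
    }
    return html_entity_decode($m[1], ENT_QUOTES, 'UTF-8') === $stored;
}

// Constructed sample values; the second uses inert markup as a stand-in.
$samples = [
    'Plain text about me',
    '</textarea><b>constructed-marker</b>',
    'Quotes " and \' and & ampersands',
];

foreach ($samples as $stored) {
    printf(
        "%-40s unsafe=%s safe=%s\n",
        $stored,
        field_is_contained(render_selfdes_unsafe($stored), $stored) ? 'contained' : 'BREAKOUT',
        field_is_contained(render_selfdes_safe($stored), $stored) ? 'contained' : 'BREAKOUT'
    );
}
```

The same check can be run against rendered profile pages after a fix is deployed to confirm that previously stored values no longer close the textarea early.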