"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

23 Nisan 2009 Perşembe

Flat Calendar By-Pass / Html inj / XSS Multiple Vulns

kaynak: http://packetstormsecurity.org/0904-exploits/flatcal-bypassxss.txt

kaynak: http://www.yildirimordulari.com/showthread.php?t=6024

By-Pass

http://www.ossi-im-inter.net/calendar/admin/add.php


Html inj:

you go here:

http://www.ossi-im-inter.net/calendar/admin/add.php

write title after write your html code to description

example:

http://www.ossi-im-inter.net/calendar/viewEvent.php?eventNumber=561


Xss

you go here:

http://www.ossi-im-inter.net/calendar/admin/add.php

write title anything ( example salla :D )

write to description this code:

xss code ( site html çalıştırdığından yazmadım )

after go your calender

0 yorum:

 
Dizi