Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web BBS :: etc :: bt8.txt

Snitz Forums 2000 XSS


The BadWord-(Script-)Filter can be tricked by adding the Tab-Char (0x09) 

into the script command. This may lead to CrossSite-Scripting.


[img]jav	asc	ript:alert%28document.cookie%29[/img]


Has been contacted on 15. April.


Available at

greetZ bWM


   badWebMasters - online security vs. web underground

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH