Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web BBS :: Frequently Exploited :: b06-1086.htm

Xss in Wbb 2.3.4
Xss in Wbb 2.3.4
Xss in Wbb 2.3.4

hi again friends
i discovered a xss in wbb again ;)

in the 123.line

$errormsg .= "Script: ".getenv("REQUEST_URI")."\n
"; hmm what can we do with that? if there is an sql db error you may do /wbb/xx.php? or you may use filebase mod for make an sql error like that' Tontonq ;)

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH