i wish i'd seen the tinychat :( i'm so sorry what happened to your forum, lisa.
you know /vchat/scripts/sendim.cgi has some serious security problems, right? idk which version was up there, but ...yeah
Net Clubs Pro contains flaws that allow remote cross-site scripting
attacks.
Those flaws exist because input passed to the
"onuser", "pass", "chatsys", "room",
"username", "to" parameters in
"/vchat/scripts/sendim.cgi" and input passed to the "username" parameter in
"/vchat/scripts/imessage.cgi" and input passed to the "password" parameter in
"login.cgi" and input passed to the "cat_id" parameter in
"classifieds/viewcat.cgi" isn't properly sanitised before being returned to
the user.
This could allow a user to create a specially crafted URL that would execute
arbitrary code in a user's browser within the trust relationship between the
browser and the server, leading to a loss of integrity.
12-07-2013
Last edited by m0nde; 12-07-2013 at 02:06 AM.
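For anyone reviewing the web server logs of such an install, here is an added example (not part of the original post or the advisory) that flags requests where one of the parameters named in the advisory carries HTML markup characters. The log format, the sample lines and the function name are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Script path suffix -> parameters the advisory lists as returned unsanitised.
# The install prefix is not given on the page, so paths are matched by suffix.
AFFECTED = {
    "/vchat/scripts/sendim.cgi": {"onuser", "pass", "chatsys", "room", "username", "to"},
    "/vchat/scripts/imessage.cgi": {"username"},
    "/login.cgi": {"password"},
    "/classifieds/viewcat.cgi": {"cat_id"},
}

# Coarse heuristic: characters that must be escaped in HTML output.
# Names containing an apostrophe will also match, so treat hits as leads.
MARKUP = re.compile(r"[<>\"']")

# Request field of a combined-format access log line (assumed format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def suspicious_params(log_line):
    """Return (script, parameter) pairs whose decoded value contains markup."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    hits = []
    for suffix, params in AFFECTED.items():
        if not url.path.endswith(suffix):
            continue
        # parse_qsl percent-decodes values, so encoded markup is seen too.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name in params and MARKUP.search(value):
                hits.append((suffix, name))
    return hits

# Constructed sample lines, not taken from any real log.
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2000:00:00:01 +0000] "GET /vchat/scripts/sendim.cgi?onuser=alice&to=bob&room=lobby HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2000:00:00:02 +0000] "GET /vchat/scripts/sendim.cgi?onuser=alice&to=%3Cb%3E HTTP/1.1" 200 530',
    '203.0.113.9 - - [01/Jan/2000:00:00:03 +0000] "GET /classifieds/viewcat.cgi?cat_id=%3Cb%3E HTTP/1.1" 200 410',
    '203.0.113.7 - - [01/Jan/2000:00:00:04 +0000] "GET /index.html?q=%3Cb%3E HTTP/1.1" 200 99',
]

if __name__ == "__main__":
    for line in SAMPLE:
        for script, param in suspicious_params(line):
            print(f"{script}: markup in '{param}' -> {line.split()[0]}")
```

Only query strings are inspected; values sent in POST bodies do not appear in a standard access log.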