Known Flash-based XSS and Content spoofing Hunter

I just finished compiling a list of known Flash XSS exploits from the past and created a fuzz page.

http://yehg.net/lab/pr0js/pentest/flash-xsser.php

Payloads are a mixture of XSS and content spoofing via user-provided inputs.

Thus, a new-window approach is used.

Disable your popup blocker and anti-XSS protection while testing.
