When I read the code of some PHP TS-Viewers (sometimes embedded in admin scripts), I noted that NO data which can be controlled
by the user was filtered. So if I can create a channel (even a temporary one),
I can execute evil JavaScript code.
Today I checked a few more scripts and in a few I saw escaping of the names, but I can't check all scripts, so I've written this post to warn all developers.

For Developers: If you want to know exactly how this vulnerability works, and whether your script is vulnerable, contact me via http://maxesstuff.bplaced.net or write an e-mail to drak3(at)live.de so I can present you an example.



Regards, drak3
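
For viewer developers, the pattern described in the post and its fix, as an added example that is not part of the original post or taken from any particular viewer. It assumes a TeamSpeak 3 ServerQuery-style `channellist` reply; the sample reply and all function names are constructed for illustration.

```php
<?php
// Constructed sample reply (assumed format: records split by "|", fields by " ").
// The second channel name is user-chosen and contains markup.
$reply = 'cid=1 channel_name=Lobby total_clients=3'
       . '|cid=7 channel_name=<script>alert(1)<\/script> total_clients=0';

// Undo ServerQuery escaping. This only restores the raw name; it is not a filter.
function ts_unescape(string $value): string
{
    return strtr($value, ['\\\\' => '\\', '\\/' => '/', '\\s' => ' ', '\\p' => '|']);
}

// Split the reply into one key/value array per channel.
function parse_channels(string $reply): array
{
    $channels = [];
    foreach (explode('|', $reply) as $record) {
        $fields = [];
        foreach (explode(' ', $record) as $pair) {
            [$key, $value] = array_pad(explode('=', $pair, 2), 2, '');
            $fields[$key] = ts_unescape($value);
        }
        $channels[] = $fields;
    }
    return $channels;
}

// Vulnerable pattern: the user-controlled name is written into the page as-is.
function render_unsafe(array $ch): string
{
    return '<li>' . $ch['channel_name'] . '</li>';
}

// Hardened: encode for the HTML context at output time, cast numeric ids.
function render_safe(array $ch): string
{
    $name = htmlspecialchars($ch['channel_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<li data-cid="' . (int) $ch['cid'] . '">' . $name . '</li>';
}

foreach (parse_channels($reply) as $ch) {
    echo 'unsafe: ', render_unsafe($ch), "\n";
    echo 'safe:   ', render_safe($ch), "\n";
}
```

The same encoding applies to every other user-controlled field a viewer prints, such as client nicknames and channel topics.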