Matt's Whois (mwhois.php) is susceptible to multiple cross site scripting vulnerabilities.
dbfb9ada797bf7f95b722ba3c8b2f5360ee2d583203259ba8047ea12a764aba2+==============================================================================+
+ Matt's Whois (mwhois.php) - ALL Versions XSS Multiple Remote Vulnerabilities +
+==============================================================================+
Author(s): Ivan Sanchez & Maximiliano Soler.
Product: MWhois (Matt's Whois Lookup)
Web: https://www.mattsscripts.co.uk/mwhois.htm
Versions: ALL Versions.
Date: 18/02/2008
GOOGLE DORKS:
------------
[+] inurl:"mwhois.php"
EXPLOIT:
--------
https://[DOMAIN].tld/mwhois.php
Variable affected: domain
POST: domain=[XSS]&ext=tld
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
+==============================================================================+
+ Matt's Whois (mwhois.php) - ALL Versions XSS Multiple Remote Vulnerabilities +
+==============================================================================+
--
Maximiliano Soler.
Reports & Review Code.
Null Code Services.
www.nullcode.com.ar
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed