Vulners
Lucene search
Subrion Auto Classifieds Persistent Xss Vulnerability
=====================================================
Subrion Auto Classifieds Persistent Xss Vulnerability
=====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################## 1
0 I'm Sid3^effects member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Name :Subrion Auto Classifieds Persistent Xss Vulnerability
Date : july 17,2010
Critical Level : HIGH
vendor URL :http://www.subrion.com/product/autos.html
google dork:? 2010 Powered by Subrion CMS
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_,SeeMe,RoadKiller
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
Subrion Auto Classifieds is a powerful, highly customizable classifieds script for auto sales sites. It is written in PHP with MySQL. Due to
its easy manageable administrator Web interface and its great amount of features it is an excellent choice if you need a cars classifieds
portal or an auto auction site.
#######################################################################################################
Xploit:Persistent Xss Vulnerability
Step 1 : Register
Step 2 : Submit your auto.
DEMO URL :http://autos.subrion.com/autos/submit.php
Step 3 : The attacker can insert their xss scripts in the options.
Attack Pattern :">><marquee><h1>XSS3d By Sid3^effects</h1><marquee>
Step 4 : Now check your automobile :)
DEMO URL :http://autos.subrion.com/autos/account-autos.html
My demo :http://autos.subrion.com/autos/Acura/MDX/Acura-MDX-marquee-h1-XSS3d-By-Sid3-effects-h1-marqu-a6.html
#######################################################################################################
# 0day no more
# Sid3^effects
# 0day.today [2018-01-01] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jul 2010 00:00Current
7.1High risk
Vulners AI Score7.1