eMeeting dating Persistent XSS

2010-08-12T00:00:00
ID 1337DAY-ID-13679
Type zdt
Reporter SONiC
Modified 2010-08-12T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ==============================
eMeeting dating Persistent XSS
==============================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ###################################               1
0                    I'm SONiC member from Inj3ct0r Team               1
1                    ###################################               0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Webapp : eMeeting dating Persistent xss 
Vendor URL : http://datingscripts.co.uk/index.php

#######################################################################################################


Author : ..::[ SONiC ]::.. aka ~the_M4LW4r3~ <sonicdefence[at]gmail.com>

Special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,MA1201,D3aD F0x,Nishi,Bunny,CURS3D,SeeME

Greetz to :iNj3cT0r.com, www.andhrahackers.com

#######################################################################################################


Description : 

eMeeting dating software is everything you need to create an online PHP dataing solution. Supports automated signups, automated payments, live chat rooms and instant messaging, specific searching, integrated forums and photo galleries, and much more



###############################################################################################################

Exploit:

Step 1 : Register

Step 2 : Goto your profile

Step 3 : Insert your xss script in the profile area

Attack Pattern : <i><img src="/" onerror=alert('xss');

Step 4 : Now check your profile :)


###############################################################################################################

# ..::[ SONiC ]::.. aka the_M4LW4R3



#  0day.today [2018-01-02]  #