===========================================================================# TextAds 2.08 Script Cross Site Scripting Vulnerability===========================================================================############################################################################ Name: TextAds 2.08 Script Cross Site Scripting Vulnerability# Vendor: http://idevspot.com/TextAds2.php# Price: $49.95# Date: 2011-04-14# Author: Ashiyane Digital Security Team# Thanks to: 1337day.com,Securityreason.com,packetstormsecurity.com,# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com# Home: www.ashiyane.org/forums/######################################################################################################################################################[+] Dork: intext:"Powered by TextAds 2.08"###########################################################################[+] Vulnerability:/ Title Field /[+] Note: At First Register in Site , Go To "NewAds" Then in Title Field
Put Your Script !
Result : Administrator After Checking "Campagin Ads" Your
Script'll Run So > You Can Steal Admin Cookie !
Seem's Have more Vulnerability but i didn't Check it YET !
[+] Demo: http://www.youtube.com/watch?v=gKhicG4Aqek
###########################################################################===========================================================================# Gr33tz:# Ashiyane Members : BehroozIce,Q7x,,Virangar,Iman_taktaz,Keivan,Ali_eagle# Taghva,M3QD4D,PrinceOfHacking,Hidden-Hunter,Root3r,elvator,unique2world# Gladiator,Wahid,Encoder,mmilad200,n3me3iz,Classic,r3d.z0n3,injector,fr0nk# mzhacker,zend,milad-bushehr,aliakh,__amir__,anti206,ruin3r,Hijacker,Rz04#&# 1337 Member: r0073r,Side^effects,r4dc0re,eidelweiss,SeeMe,agix,gunslinger# Sn!pEr.S!te,indoushka,Knockout,ZoRlu,AnT!-Tr0J4n,eXeSoul,===========================================================================# DisCovered By XroGuE !!!
