扫码分享
验证:
体验盒子1 ########################################## 1
0 I'm Sid3^effects member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
vendor URL :http://customcms.net/
Price:55$
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description
Custom CMS Gaming is a Content Management System geared towards all Gamers that would like to maintain and create fully functional gaming sources. Whether you're interested in running your gaming site as a hobby or as a serious online venture, Custom CMS Gaming makes it easy for all users to create & manage the Gaming website they've always dreamed of.
#######################################################################################################
Xploit: Persistent Xss Vulnerability
The attacker can insert the xss script in the profile section in the following fields
1.Details option
2.Gaming Connections option
3.My Contact Info option
4.Optionsoption
Attack Pattern:">><marquee><h1>XSS3d By Sid3^effects</h1><marquee> once inserted goto check your profile.
Demo url : http://server/usercp/profile/edit/----> Go here and insert your xss script :)
#######################################################################################################
# 0day no more
# Sid3^effects
体验盒子
