Ad Network Script suffers from a cross site scripting vulnerability.
084089d4487e01138d6cc824accae8251 ########################################## 1
0 I'm Sid3^effects member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
vendor URL :http://www.kaonsoftwares.com/
Price:330EUR :O
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
Ad Network Script is developed in PHP and uses a MySQL database. Ad Network Script allows you to run your own ads network similar to adengage.com or adbrite.com. Features mutliple currency support, mulitple language support, categories, and more
#######################################################################################################
Xploit: Persistent XSS Vulnerability
Step 1: Register :P
Step 2 : NOw goto directory
DEMO URL :http://server/adbrite-clone/directory.php
YOu will find various sites listed .select any one and there you will see "BUY ADS"
The xss vuln is in the following options
1.Ad Text
2.Ad Headline
Insert ur xss script in the above options
Attack pattern : ">><marquee><h1>XSS3d By Sid3^effects</h1><marquee>
#######################################################################################################
# 0day no more
# Sid3^effects
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!