Free hosting manager v2.0.2 Stored XSS

2012-12-19 17:05:31



# Exploit Title: Free hosting manager V2.0.2 Stored XSS
# Date: 19/12/2012
# Exploit Author: Lee Chung Eon
# Vendor by:
# Software Link: http://www.fhm-script.com/download.php
# Version: 2.0.2
# Category: Web Security
# Tested on: Windows xp / 7
+--------------------------------------------------------------------------+

Stored XSS-vulnerabilities


0. install

1. register complete

2. inject following code

<script>alert(document.cookie)</script>

3. into support --> ticket

4. Visit your profile and you can see the injected script execute

------------------------------------------------------------------------------
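
Added example (not part of the original advisory and not code from Free hosting manager): the output-encoding flaw that the steps above describe, next to a hardened rendering of the same stored ticket. The function names, the ticket array layout and the HTML markup are hypothetical; only the payload string comes from the advisory.

```php
<?php
// Added illustration; not code from Free hosting manager.
// Function names and the ticket array layout are hypothetical.

// Constructed sample: a support ticket as stored after steps 2 and 3.
$ticket = [
    'subject' => 'Help',
    'body'    => '<script>alert(document.cookie)</script>',
];

// Vulnerable pattern: stored text is concatenated into HTML as-is, so the
// browser parses the <script> element and runs it for whoever views the page.
function render_ticket_unsafe(array $t): string
{
    return '<div class="ticket"><h3>' . $t['subject'] . '</h3><p>'
         . $t['body'] . '</p></div>';
}

// Encode at output time for the HTML body/attribute context.
// ENT_QUOTES covers both quote characters; ENT_SUBSTITUTE replaces
// invalid UTF-8 instead of returning an empty string.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened rendering: every stored field is encoded before it reaches HTML.
// nl2br() runs after encoding so only its own <br> tags are emitted.
function render_ticket_safe(array $t): string
{
    return '<div class="ticket"><h3>' . h($t['subject']) . '</h3><p>'
         . nl2br(h($t['body'])) . '</p></div>';
}

// Defence in depth (PHP 7.3+ array form): call before session_start() and
// before any output. HttpOnly keeps the session cookie out of
// document.cookie; the CSP blocks inline script if encoding is missed.
function harden_session(): void
{
    session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
    header("Content-Security-Policy: default-src 'self'; script-src 'self'");
}

echo render_ticket_unsafe($ticket), "\n";
echo render_ticket_safe($ticket), "\n";
```

Run with the PHP CLI to compare the two renderings; the safe variant emits the payload as inert text.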









Fixes

No fixes
