MediaFire suffers from a persistent cross site scripting vulnerability.
e5720e6683905d5be3a308204c542c1d01288ceb234af11b1949135a8f567d85
########################################################
| Title : MediaFire (mediafire.com) Persistent XSS
| Author : Codeine
| Email : f3codeine[at]yahoo[dot]com
| Site : http://infosecforums.com/
| Date : 08/21/2011
| Cat : PHP[XSS]
| URL : http://mediafire.com/
########################################################
Mediafire.com suffers from a persistent XSS vulnerability within its file uploads.
After a user has uploaded their file they can change the title of the file.
To something like
<script>alert('CodeineIntra')</script> .txt
It must contain an extension to save.
This is a persistent vulnerability.
POC: http://www.mediafire.com/?c3kso7cqsmltafy
_________________________________________________________________________________
Greetz
Hidden Ninja
All Of Team Intra