CLiki Cross Site Scripting

CLiki Cross Site Scripting: Posted Feb 8, 2012; Authored by Sony; CLiki suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 6a5e6a211a7bc98dfd99057049dbdd952041e4f668f15c7a7049e892d1365e72; Download | Favorite | View

CLiki Cross Site Scripting

# Exploit Title: CLiki Cross Site Scripting
# Date: 8.02.2012
# Author: Sony
# Software Link: http://www.cliki.net
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/cliki-cross-site-scripting.html
..................................................................

http://en.wikipedia.org/wiki/CLiki

Simple persistent xss.

Create New Page and put xss code and save this.

And you can see xss on the page.

Also we can see our xss on the "Recent Changes" Page.

http://www.cliki.net/Recent%20Changes

http://2.bp.blogspot.com/-bVPzmm6YAlY/TzKyybsoNMI/AAAAAAAAAcc/9GXowU-nf8w/s1600/12.JPG

..................................................................

InSecurity.Ro

Because we care, we're security aware!

Top Authors In Last 30 Days

Red Hat 248 files
Ubuntu 91 files
indoushka 58 files
Jasper Nota 25 files
Willem Westerhof 19 files
Gentoo 13 files
Debian 13 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,087)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,536)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,612)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,441)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,727)
UNIX (9,433)
UnixWare (187)
Windows (6,668)
Other

CLiki Cross Site Scripting

CLiki Cross Site Scripting

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

CLiki Cross Site Scripting

Share This

CLiki Cross Site Scripting

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems