VHCS is susceptible to cross site scripting attacks.
df40d326412700f818f56f6cacbd295a167462a7185002c9127d2c2d10cfb1f2#----------------------------------------------------------
#Aria-Security.net Advisory
#Discovered by: O.U.T.L.A.W
#< www.Aria-security.net>
#Gr33t to: A.u.r.a & R@1D3N & Smok3r
#-----------------------------------------------------------
Software: VHCS
Link: http://www.vhcs.net
Attack method: Cross Site Scripting
advisory:http://www.aria-security.net/hm/vhcs.txt
Summary:
vhcs is a powerfull Hosting Managment
Proof of Concept:
Admin Require
[target]/admin/server_day_stats.php?year=2006&month=05&day=2[xss]
[target]/admin/server_day_stats.php?year=2006&month=05[xss]&day=2
[target]/admin/server_day_stats.php?year=2006[xss]&month=05&day=2
Solution
contact me: Advisory@Aria-Security.net
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed