sabros.us version 1.7 is susceptible to a cross site scripting vulnerability.
6d802f5d2b42ab368863a90cfce90d4d367652660e2e4acc765cbe103f429e49-=[--------------------ADVISORY-------------------]=-
sabros.us 1.7
Author: CorryL [corryl80@gmail.com]
-=[-----------------------------------------------]=-
-=[+] Application: sabros.us
-=[+] Version: 1.7
-=[+] Vendor's URL: http://sourceforge.net/projects/sabrosus/
-=[+] Platform: Windows\Linux\Unix
-=[+] Bug type: Cross-Site Script
-=[+] Exploitation: Remote
-=[-]
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: www.x0n3-h4ck.org
-=[+] Virtual Office: http://www.kasamba.com/CorryL
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck
..::[ Descriprion ]::..
sabros.us is a CMS to put your bookmarks online with folksonomy support;
just like del.icio.us, but the big diference is you will have
the complete control of the source code and written on PHP with MySQL
as backend we make it cross platform.
..::[ Proof Of Concept ]::..
http://remote-server/index.php?tag=</title><script>alert(document.cookie)</script>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed