Built2Go version 1.0 suffers from cross site scripting vulnerabilities.
6ec0f67f8f996935163b2e66e6eaafc77817049f3d5ba360122f52422a0a206a """""""""""""""""""""""""""""""""""""""""""""""
""" :: :: ::::: :::: """
""" :: :: :: : :: """
""" :::: :: :: ::::: ::::: :::: """
""" :: :: ::: ::: :: :: :: :: :: """
""" :: :: :: : : ::::: :: :: :::: """
""" """
"""""""""""""""""""""""""""""""""""""""""""""""
Xmor$ DigitaL Hacking TeaM
# Built2Go v.1.0 => ( news.php & rating.php ) Cross Site Scripting
# Script.............. : Built2Go News Manager blog v.1.0
# Discovered by.... : the_Edit0r
# Location .......... : Iran
# Original Advisory : Www.XmorS.coM ( Pablic ) & Www.XmorS.neT ( Pirv8 )
# Www.XmorS-Security.coM & www.BugTraq.ir
# < Spical tnx Irania Hackers > :
# ( Aria-Security , Crouz , HexHackerS ,IHS-TeaM ,Simorgh-ev , Iranhackers
# Kapa TeaM ,Shabgard , Ashiyane ,DeltaHacking , virangar )
# DL : http://www.built2go.com/
# Demo : http://demos.built2go.com/news%20manager%20blog/1/
# proof Of Concept :
www.example.com/[path]/news.php?cid=[Xss-Script]
www.example.com/[path]/news.php?uid=[Xss-Script]
www.example.com/[path]/rating.php?nid=[Xss-Script]
www.example.com/[path]/news.php?nid=[Xss-Script]
# Contact me : the_3dit0r[at]Yahoo[dot]coM
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed