ArticleMS version 2.0 suffers from a cross site scripting vulnerability.
8a0bb64b998a0a09683e7a77acd854fd568342dd11a596e6b95ea1b206d28bf9 __________ __ __ .___ __ .__
\______ \_____ ____ | | __ _____/ |_ __| _/____ _____ _/ |_| |__
| ___/\__ \ _/ ___\| |/ // __ \ __\/ __ |/ __ \\__ \\ __\ | \
| | / __ \\ \___| <\ ___/| | / /_/ \ ___/ / __ \| | | Y \
|____| (____ /\___ >__|_ \\___ >__| \____ |\___ >____ /__| |___| /
\/ \/ \/ \/ \/ \/ \/ \/
Target: ArticleMS
Version: 2.0
Exploit Type: XSS Vulnerability
Price: FREE
Author: Packetdeath
Homepage: www.ssteam.ws
Contact: yaii_abc@hotmail.com
Skype: Packetdeath
Greetz: bi0 and all my people @ SSTeam
#---------------------------------------------------------------------------------------------------------------#
A user could exploit this issue to the fullest, stealing cookies and session data...
#---------------------------------------------------------------------------------------------------------------#
Demo: http://demo.articlems.com
Exploit: http://victimsite.net/[PATH]/search/?a=search&q=PACKETDEATH&advanced=1&sortby=0&finddate=0&c[]=[XSS]
#---------------------------------------------------------------------------------------------------------------#
:( Awe, my mountaindew is GONE!
/Packetdeath
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed