PHPNS version 2.2.3 suffers from a cross site scripting vulnerability.
b4384310109963a6188d75a769935721163ca21b3516de7024f73725da86ed9d
############################################################
# Exploit Title: [phpns 2.2.3 Cross-site scripting ]
# Date: [26/06/2010]
# Software Link: [n / a]
# Version: [2.2.3]
# special thanks to : <[mca-crb / adele / islamnet / lagripe-dz / anisxp /
jago-dz]>
# Gretz to : algeria national club
############################################################
/.:. Author : [k4k4shi]
/
/.:. contact : lvy@live.de
/
###########################################################
<===[ Exploit ]===>
It was found in phpns you can stole cookies of admin it's in [login] :
http://www.site.com/[path]/login.php/>">[XSS]
<===[ Example ]===>
http://www.aviemoregolf.com/news/login.php/>">
############################################################