########################################################
| Title  : MediaFire (mediafire.com) Persistent XSS
| Author : Codeine
| Email  : f3codeine[at]yahoo[dot]com
| Site   : http://infosecforums.com/
| Date   : 08/21/2011
| Cat    : PHP[XSS]
| URL    : http://mediafire.com/
########################################################

Mediafire.com suffers from a persistent XSS vulnerability within its file uploads.
After a user has uploaded their file they can change the title of the file.
To something like
<script>alert('CodeineIntra')</script> .txt 

It must contain an extension to save.
This is a persistent vulnerability.


POC: http://www.mediafire.com/?c3kso7cqsmltafy
_________________________________________________________________________________
Greetz 
Hidden Ninja
All Of Team Intra