########################################### # # Script Name : Explorer V7.20 # # Version : V7.20 Release Candidate 1 REV A # # Bug Type : XSS vulnerability # # Found by : Metropolis # # Discovered : 20 December 2009 # # Download app : http://www.jbc-explorer.info/?action=download&download=16 # # Dork : JBC explorer [ by Psykokwak & XaV ] # ########################################### PoC : http://[target]/[path]/dirsys/arbre.php?0=search&last=1[Xss] example : http://[target]/[path]/dirsys/arbre.php?0=search&last=1 local Example : http://localhost/album/dirsys/arbre.php?0=search&last=1 [ Greetz: [~]: Frf2 Az£L Z£L EsSandRe ticlem007 the killers themic Lariane All www.metropolis.thebigbang.fr :[~]