MyLife suffers from an HTML injection vulnerability that may allow for cross site scripting.
fb9fed50dfcb889a3a12c7b92a1f98000acc77dae62b1f9ed6c6b8d151703e53 %+
$.......#........4.........|)........0............\/\/ %+
%+
%+
%+++++++++++++++++++++++++++++
+++++++++++
# Exploit Title :Mylife reflected XSS vulnerability
# Vendor: www.mylife.com
# Author: $#4d0\/\/[r007k17] a.k.a Raghavendra Karthik D
# Blog: http://shadowrootkit.wordpress.com/
# Google Dork: Copyright © 2011 MyLife.com
**********************************************************************************************************************************************************
BREIF DESCRIPTION
*****************************
Reflected XSS bug in 13th best Social
Networking site in the world.
************************************************************
************************************************************
**********************************
Reflected XSS Vulnerability
********************************
{DEMO}:
http://www.mylife.com/retrieveUsername.pub
EXPLOIT: "><marquee><h1><a href="http://www.xssed.com
">r007k17</a></h1></marquee>
Procedure: open the link given above. Inject above script in email-address.
Observe a link based text in motion(r007k17)
***************************************************************************************************************************************************************
sp3c14l Thanks to my sw337 bro s1d3 effects and my friends@!3.14--
***************************************************************************************************************************************************************
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed