facebook facebook twitter rss

onArcade 2.3.0 multi Vulnerability

Author: indoushka , Published: 25-10-2014
onArcade 2.3.0 multi Vulnerability
==================================
Author : indoushka
Vondor : http://nulled-scripts.jmzone.info/
Dork: Powered by onArcade v2.3.0
==================================================

http://127.0.0.1/games/install.php?a=admin

jQuery cross site scripting :

Vulnerability description
This page is using an older version of jQuery that is vulnerable to a Cross Site Scripting vulnerability. Many sites are using to select elements using location.hash that allows someone to inject script into the page. This problem was fixed in jQuery 1.6.3.
This vulnerability affects /games/jscripts/jquery.js.
Discovered by: Scripting (jQuery_Audit.script).
Attack details

Pattern found:
/*!
* jQuery JavaScript Library v1.4.2
* http://jquery.com

Like us on Facebook :