Computer Security

Security Advisory: Multiple Stored XSS in XOOPS 2.4.4 Admin Section
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Information disclosure vulnerability in Drupal's Realname User Reference Widget contributed module (version 6.x-1.0)

  Joomla (Jw_allVideos)
Remote File Download Vulnerability

  LDF (Default.
asp) Sql Injection Vulnerability

  cmsmadesimple Multiple Security Issues : XSS+ LFI

From:beenudel1986_(at)_gmail.com <beenudel1986_(at)_gmail.com>
Date:16.02.2010
Subject:Multiple Stored XSS in XOOPS 2.4.4 Admin Section

# Greetz to all Darkc0de ,AI,ICW, AH Memebers
# Shoutz to r45c4l,j4ckh4x0r,silic0n,smith,baltazar,d3hydr8,FB1H2S, lowlz,Eberly,Sumit,
#
# Author: Beenu Arora
#
# Home  : www.BeenuArora.com
#
# Email : beenudel1986@gmail.com
#
# Share the c0de!
#
################################################################
#
# Exploit: Multiple Stored XSS in XOOPS 2.4.4 Admin Section
#
# AppSite: www.xoops.org
#
# Tested Version : 2.4.4
#
# Request: POST
#
# Sample URLs:-http://localhost/xoops/htdocs/modules/system/admin/groupperm.php
# http://localhost/xoops/htdocs/modules/system/admin.php
#
#
################################################################

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server