Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

VHCS --- Virtual Hosting Control System Cross Site Scripting
From: outlaw () aria-security net
Date: 2 May 2006 02:39:48 -0000
#----------------------------------------------------------
#Aria-Security.net Advisory
#Discovered  by: O.U.T.L.A.W
#< www.Aria-security.net>
#Gr33t to: A.u.r.a  & R () 1D3N & Smok3r
#-----------------------------------------------------------
 Software: VHCS
 Link: http://www.vhcs.net
 Attack method: Cross Site Scripting
 advisory:http://www.aria-security.net/hm/vhcs.txt

 Summary:
vhcs is a powerfull Hosting Managment

 Proof of Concept:
                                Admin Require 

        [target]/admin/server_day_stats.php?year=2006&month=05&day=2[xss]
        [target]/admin/server_day_stats.php?year=2006&month=05[xss]&day=2
        [target]/admin/server_day_stats.php?year=2006[xss]&month=05&day=2


 Solution
contact me: Advisory () Aria-Security net

  By Date           By Thread  

Current thread:
  • VHCS --- Virtual Hosting Control System Cross Site Scripting outlaw (May 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]