########################################################### # Software: InselPhoto v1.1 Persistent XSS Vulnerability # # Discovered by: Paul Hand aka rAWjAW # # Blog: http://rawjaw-security.blogspot.com # # E-mail: phand3754gmailcom # # Shouts: rBg && eternal_security # ########################################################### For this Persistent XSS to work you have to: 1. Create a user account 2. Create an album 3. Upload any picture to the photo album you created and put as the description something such as: 4. Now have anyone view your slideshow! # milw0rm.com [2009-02-16]