15 lines
717 B
Text
Executable file
15 lines
717 B
Text
Executable file
###########################################################
|
|
# Software: InselPhoto v1.1 Persistent XSS Vulnerability #
|
|
# Discovered by: Paul Hand aka rAWjAW #
|
|
# Blog: http://rawjaw-security.blogspot.com #
|
|
# E-mail: phand3754<at>gmail<dot>com #
|
|
# Shouts: rBg && eternal_security #
|
|
###########################################################
|
|
|
|
For this Persistent XSS to work you have to:
|
|
1. Create a user account
|
|
2. Create an album
|
|
3. Upload any picture to the photo album you created and put as the description something such as: <script>alert(document.cookie)</script>
|
|
4. Now have anyone view your slideshow!
|
|
|
|
# milw0rm.com [2009-02-16]
|