AOH :: HP Unsorted V :: B06-1959.HTM

Vhcs --- virtual hosting control system cross site scripting



VHCS --- Virtual Hosting Control System Cross Site Scripting
VHCS --- Virtual Hosting Control System Cross Site Scripting



#----------------------------------------------------------
#Aria-Security.net Advisory
#Discovered  by: O.U.T.L.A.W
#< www.Aria-security.net>
#Gr33t to: A.u.r.a  & R@1D3N & Smok3r
#-----------------------------------------------------------
 Software: VHCS
Link: http://www.vhcs.net
 Attack method: Cross Site Scripting
advisory:http://www.aria-security.net/hm/vhcs.txt

 Summary:
vhcs is a powerfull Hosting Managment

 Proof of Concept:
                                Admin Require

        [target]/admin/server_day_stats.php?year=2006&month=05&day=2[xss]
        [target]/admin/server_day_stats.php?year=2006&month=05[xss]&day=2
        [target]/admin/server_day_stats.php?year=2006[xss]&month=05&day=2


 Solution
contact me: Advisory@Aria-Security.net


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.