====================================================================================================
# TextAds 2.08 Script Cross Site Scripting Vulnerability
====================================================================================================
###########################################################################
# Name: TextAds 2.08 Script Cross Site Scripting Vulnerability
# Vendor: http://idevspot.com/TextAds2.php
# Price: $49.95
# Date: 2011-04-14
# Author: Ashiyane Digital Security Team
# Thanks to: 1337day.com, Securityreason.com, packetstormsecurity.com,
# Contact: Xrogue_p3rsi4n_hack3r [at] Hotmail [Dot] com
# Home: www.ashiyane.org/forums/
###########################################################################
###########################################################################
[+] Dork: intext: "Powered by TextAds 2.08"
###########################################################################
[+] Vulnerability: /Title Field/
[+] Note: First register on the site, go to "NewAds", then put your script
in the Title field.
Result: After the administrator checks "Campaign Ads", your
script will run, so you can steal the admin cookie!
Seems to have more vulnerabilities, but I didn't check it yet!
[+] Demo: http://www.youtube.com/watch?v=gKhicG4Aqek
###########################################################################
====================================================================================================
# Gr33tz:
# Ashiyane Members: BehroozIce, Q7x, Virangar, Iman_taktaz, Keivan, Ali_eagle
# Taghva, M3QD4D, PrinceOfHacking, Hidden-Hunter, Root3r, elvator, unique2world
# Gladiator, Wahid, Encoder, mmilad200, n3me3iz, Classic, r3d. z0n3, injector, fr0nk
# Mzhacker, zend, milad-bushehr, aliakh ,__ amir __, anti206, ruin3r, Hijacker, Rz04
#&
#1337 Member: r0073r, Side ^ effects, r4dc0re, eidelweiss, SeeMe, agix, gunslinger
# Sn! PEr. S! Te, indoushka, Knockout, ZoRlu, AnT! -Tr0J4n, eXeSoul,
====================================================================================================
# DisCovered By XroGuE !!!
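
Added example, not part of the original advisory and not TextAds code: a sketch of the fix for the stored XSS described above, where a title saved by a registered user is later rendered in the administrator's view. All function names and the record layout are assumptions for illustration; the session helper needs PHP 7.3 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical admin-side rendering of advertiser-submitted ads.
// None of these names come from TextAds; they are assumptions.

/** Vulnerable pattern: the stored title is written into the page as-is. */
function render_ad_row_unsafe(array $ad): string
{
    return '<tr><td>' . $ad['title'] . '</td></tr>';
}

/** Hardened pattern: encode for the HTML context at output time. */
function render_ad_row_safe(array $ad): string
{
    $title = htmlspecialchars(
        (string) $ad['title'],
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );
    return '<tr><td>' . $title . '</td></tr>';
}

/** Defense in depth: keep the admin session cookie away from page scripts. */
function start_admin_session(): void
{
    session_set_cookie_params([
        'httponly' => true,     // not readable through document.cookie
        'secure'   => true,     // sent over HTTPS only
        'samesite' => 'Strict', // not attached to cross-site requests
    ]);
    session_start();
}

// Constructed sample record standing in for a row saved via the title field.
$ad = ['title' => '<script>alert(1)</script>'];

// Unsafe: the markup reaches the admin's browser intact and would execute.
echo render_ad_row_unsafe($ad), PHP_EOL;

// Safe: angle brackets and quotes become entities, so the title is inert text.
echo render_ad_row_safe($ad), PHP_EOL;
```

Encoding at output time covers titles already stored in the database, which input filtering alone would not.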