Exploit Title: PhpLinks Cross Site Scripting Vulnerability XSS Vulnerability In PhpLinks Date: 2013 15 September
Author: Arsan
Author email: [email protected]
Author Twitter: @ArsanBlackhat
Vendor Homepage: www.newphplinks.com
Version : All Version
Tested on: Linux & Windows
Category: webapps
Google Keywords: ┬áinurl:”/index.php?PID=” intext:”Powered By phpLinks”

Exploit :

http://127.0.0.1:8081/index.php?PID=[XSS]
http://127.0.0.1:8081/[XSS In SearchBox]

Demo :

www.nXuth.com/index.php?PID=xss
www.eXeli.at/phplinks/index.php?PID=xss
www.ingegnXambientali.it/cercambiente/index.php?PID=xss
www.tourisXfo.it/index.php?PID=xss
www.lupuXnce-timbres.net/index.php?PID=xss
www.links.sXlbard.com/index.php?PID=xss