gen_confirm Plugin Xss attack

2013.12.23
Credit: Emperor-Team
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79
Dork: inurl:gen_confirm.html?errmsg=

############## # Exploit Title : gen_confirm Plugin Xss attack # # Exploit Author : Emperor-Team # # Home : www.Emperor-team.org # # Security Risk : Medium # # Dork : inurl:gen_confirm.html?errmsg= # # Tested on: Linux & Windows # ############## # # Location: Target/gen_confirm.html?errmsg=[xss] # # Demo: http://wheatanXdflour.com/gen_confirm.html?errmsg=PERSIA%20Was%20Here # # Demo2: http://tradebXanq.com/gen_confirm.html?errmsg=PERSIA%20Was%20Here ############## # # Mr.PERSIA # # Gmail:Persia.BlackHat@Gmail.CoM # ############## # # We Are: Mr.PERSIA . MR.F@RDIN . Explo!ter . Hidden Dagger . yazdanx7 . # # Dr.3v1l . N3RD . Mr_Bami . H0553|N7 . greendel . trojan . Mr.RaYaN . MaMaD_SeCreT # # yaghi.vahshi . H0$$E!N . tm_sd68 . _exe_ . MoHaMaD-VaKeR .Tir3x . ???? ?????? . Phoenix_Killer . terrible_king # #############

References:

http://www.Emperor-team.org


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top