Sarzamin Download - Open Redirect Vulnerability

2017.01.20
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-601

~Exploit : Sarzamin Download - Open Redirect Vulnerability
~Vendor : www.sarzamindownload.com
~my Home : http://iranonymous.org
~Email : Blackwolf@post.com
~Exploit Author : Blackwolf_Iran

================ [ Description ]

Sarzamin Download is one of the famous sites in Iran, with a high Alexa ranking. On this site you can find all kinds of apps, programs and games, and educational material about anything. An attacker may successfully launch a phishing scam and steal user credentials.

================ [ Proof of concept ]

www.sarzamindownload.com/go.php?link=http://attacker-url

Unvalidated redirect and forward attacks can also be used to maliciously craft a URL that would pass the application's access control check and then forward the attacker to privileged functions that they would normally not be able to access.

================ [ Friends ]

Mr.Khatar - hacker khan - ormazd - mamade khodemoon and bache haye Bala.
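The fix for this class of issue (CWE-601) is to validate the redirect target on the server before the redirect is issued. The following is an added example, not code from the vendor or the advisory author: a PHP check that a `go.php`-style endpoint could apply to its `link` parameter. The function name, the allowlist contents and the sample inputs are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: the only hosts the endpoint may send visitors to.
const ALLOWED_HOSTS = ['www.sarzamindownload.com', 'download.example.org'];

// Returns a URL that is safe to redirect to, or null when it must be rejected.
function safe_redirect_target(string $link, array $allowedHosts): ?string
{
    // Control characters, spaces and backslashes are parsed differently by browsers and PHP.
    if ($link === '' || preg_match('/[\x00-\x20\x7f\\\\]/', $link)) {
        return null;
    }
    // Same-site path: exactly one leading slash ("//host" is protocol-relative).
    if ($link[0] === '/') {
        return (strlen($link) > 1 && $link[1] === '/') ? null : $link;
    }
    $parts = parse_url($link);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    // Only web schemes; this excludes javascript:, data: and similar.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    // user:pass@host forms can disguise the real destination host.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    // Exact host match, never a substring or suffix comparison.
    return in_array(strtolower($parts['host']), $allowedHosts, true) ? $link : null;
}

// Constructed sample values for the link parameter.
$samples = [
    'http://attacker-url',
    '//attacker-url/path',
    'https://www.sarzamindownload.com@attacker-url/',
    'https://www.sarzamindownload.com.attacker-url/',
    '/software/page',
    'https://www.sarzamindownload.com/software/page',
];
foreach ($samples as $s) {
    // In the endpoint: answer 400 on null, otherwise header('Location: ' . $target).
    $target = safe_redirect_target($s, ALLOWED_HOSTS);
    printf("%-50s => %s\n", $s, $target ?? 'REJECTED');
}
```

Only the last two samples are accepted; the first is the value from the proof of concept above.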

