Sinônimos HTML Injection

2021.07.03

Rômulo (BR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

hey, what's up security friends, RomuloSec in the house!

website: www.sinonimos.com.br
vulnerability: html injection

proof of concept:

1 . go to website
2 . in 'buscar sinônimos...' put your html code
3 . press enter and ready, your code has been run.

example: https://www.sinonimos.com.br/busca.php?q=<p>RomuloSECurity<%2Fp>

The end!

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Sinônimos HTML Injection

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Sinônimos HTML Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.