Lucene search
K

Nikiara Fraud Management System Cross Site Scripting

🗓️ 12 Feb 2010 00:00:00Reported by thebluegeniusType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 36 Views

Nikiara Fraud Management System XSS Vulnerability on Client Login Page

Code
`--------------------------------------------------------------------  
# Exploit Title: Nikiara Fraud Management System XSS Vulnerability  
# Date: 10 Feb 2010  
# Author: thebluegenius  
# Software Link: http://www.subexworld.com/fraud-management.html  
# Version: All  
# Tested on: Unix | Apache 2.2.4  
# CVE : NA  
  
---------------------------------------------------  
"Nikara Fraud Management System" XSS vulnerability.  
---------------------------------------------------  
By :Thebluegenius.   
Email :[email protected]  
Blog :thebluegenius.com.  
---------------------------------------------------  
  
Description:  
  
Nikira Fraud Management System is the next generation fraud management solution built to deliver on a 3-step philosophy of Detect-Investigate-Protect. Nikira detects known fraud types and patterns of unusual behaviour, helps investigate these unusual patterns for potential fraud, and uses the knowledge, thus generated, to upgrade and protect against future intrusions.  
  
The vulnerability lies at client login page. Presently this product is deployed at over 90% of Telecom companies across the world.  
  
------------------  
Vulnerability: XSS  
------------------  
  
you can execute XSS as given below:  
  
http://IPaddress:port/login/prompt?message=%3Cscript%3Ealert%28%27Reflected%20XSS%27%29%3C/script%3E  
  
-----------------------------------------------------  
Greetz Fly Out to:  
1] Amforked() : My good friend  
2] Aodrulez : for inspiring me  
3] www.OrchidSeven.com  
4] www.isac.org.in  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

12 Feb 2010 00:00Current
0.5Low risk
Vulners AI Score0.5
36