Easy File Sharing Web Server 6.8 – Persistent Cross-Site Scripting

• Exploit Database
• 13 阅读

• 作者： Sick Psycko
  日期： 2014-12-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/35626/

• Exploit Title: Easy File Sharing Webserver =>6.8 Persistent XSS
  Date: 12/26/14
  Exploit Author: SickPsycko
  Vendor Homepage: http://www.sharing-file.com/
  Version:6.8
  Tested on: Windows 7 32bit
  
  The exploit is within the username field.
  So to exploit this vulnerability, One must place the payload into the
  specified field when registering.
  
  http://i.imgur.com/bibu81C.png
  Once logged in. User will be greeted with such.