Home / os / blackberry

Question2Answer 1.7 Cross Site Scripting

Posted on 25 March 2015

###################################################################### [+] Title: Script Question2Answer 1.7 - Stored XSS Vulnerability [+] Author: s0w [+] Tested On Windows & Linux [+] Date: 21/03/2015 [+] Type: Web Application [+] Script Download: https://github.com/q2a/question2answer [+] Vendor Homepage: http://www.question2answer.org [+] Vulnerability in:qa-includepagesquestion.php [+] Google Dork : intext:"Powered by Question2Answer" ####################################################################### [+] As shown in the code, the value of 'title' and 'textbody' not filtered by 'htmlspecialcharts' which cause stored xss and same in data-store in webserver SQL commands . [+] Exploit : 1. Browse application in browser .. 2. Add new question with xss code like alert method ;) 3. submit the new question to viewers .. 4. complete next steps as xss in tag,body,title,.. etc .. 5. Finally submit your Qes .. 6. Test your target in main page ./index.php .. 7. Use this in Cookies,alerts, Or TrafficBots :D Have Fun !! [+] XSS Pattern can be used: '"<script>alert(/s0w/)</script> [+] Demo Video : http://youtu.be/6qy9DXifNiw [+] Demo Target : http://soualwjoab.com/ # Discovered By: s0w # Contact: fb.me/s0w.egy # Mail: s0wxp0c@gmail.com ‪#‎ Greetz‬ To Egyptian Shell team | Sec4ever ‪#

 

TOP