Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ######################################################################
- # siteGo all version Xss Stored & Full Path Disclosure #
- # Author : hamza killer #
- # E-mail : hlyzidi@gmail.com #
- # GoogleDork: -_- !!! #
- # Vendor :http://site-go.com #
- # Thx TO : sec4ever & sec4all #
- ######################################################################
- xss :
- ===
- index.php in input search
- Xss stored in
- site.com/?action=contacts
- how exploit :
- just put your payload(javascript code or html) in message (You can steal cookies.)
- And it will be sent to admin in control and
- When he will read the message the code will be execute
- (sorry for my very bad english)
- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Full Path Disclosure:
- ===================
- just use any headr editor tools to delete Cookie: PHPSESSID=
- look :
- http://im64.gulfup.com/sbo4l.png
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement