Social Microblogging PRO 1.5 Cross Site Scripting

Social Microblogging PRO 1.5 Cross Site Scripting: Posted Jan 2, 2015; Authored by Halil Dalabasmaz; Social Microblogging PRO version 1.5 suffers from a stored cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | d20e11bbb1d9ea18ee09cff5ecff93713c0a132738792533011166e453126759; Download | Favorite | View

Social Microblogging PRO 1.5 Cross Site Scripting

# Exploit Title: Social Microblogging PRO 1.5 Stored XSS Vulnerability
# Date: 29-12-2014
# Exploit Author: Halil Dalabasmaz
# Version: v1.5
# Vendor Homepage:
https://codecanyon.net/item/social-microblogging-pro/9217005
# Tested on: Chrome & Iceweasel
 
# Vulnerability Description:
 
===Stored XSS===
"Web Site" input is not secure at Profile section. You can run XSS payloads
on "Web Site" input.
 
Sample Payload for Stored XSS: https://example.com/">[xssPayload]
 
=Solution=
Filter the input field against to XSS attacks.
================

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 64 files
Debian 19 files
LiquidWorm 18 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Chokri Hammedi 3 files
Alter Prime 3 files
Valentin Lobstein 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

Social Microblogging PRO 1.5 Cross Site Scripting

Social Microblogging PRO 1.5 Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Social Microblogging PRO 1.5 Cross Site Scripting

Share This

Social Microblogging PRO 1.5 Cross Site Scripting

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems