Mouse Media Script version 1.6.0 suffers from a stored cross site scripting vulnerability.
9bd45d892cefca1ccd97f12064adcdccdc46d6ba039a2cfc0cb41b78b22fe4e5# Exploit Title: Mouse Media Script Stored XSS Vulnerability
# Google Dork: "is your best source of fun." inurl:/view/popular
# Date: 04-10-2014
# Exploit Author: Halil Dalabasmaz
# Version: v1.6
# Software Link: http://codecanyon.net/item/mouse-media-script/7773254
# Software Test Link: http://media.nisgeo.com
# Tested on: Kali Linux & Iceweasel 31.2.0
# Sample Payload: "><script>alert(document.cookie);</script>
# Attack Description: Login to system and upload any of your image. When
uploading the image you need to enter the XSS payload to "Title" or
"Description" inputs. And then you can visit thıs home page to check the
uploaded payload. All these uploaded image and payload were completed
succesfully then all visitors and logged users will be affected by this
vulnerability.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed