######################################################################
[+] Title: Script Question2Answer 1.7 - Stored XSS Vulnerability
[+] Author: s0w
[+] Tested On Windows & Linux
[+] Date: 21/03/2015
[+] Type: Web Application
[+] Script Download: https://github.com/q2a/question2answer
[+] Vendor Homepage: http://www.question2answer.org
[+] Vulnerability in: \qa-include\pages\question.php
[+] Google Dork: intext:"Powered by Question2Answer"
#######################################################################

[+] As shown in the code, the values of 'title' and 'textbody' are not
    filtered by 'htmlspecialchars', which causes stored XSS; the same
    unfiltered values are stored in the web server database by the SQL
    commands.
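
[+] Added example (not part of the original advisory and not Question2Answer's own code): the unencoded output described above next to an encoded version, run over a constructed row that holds the test pattern quoted in this advisory. The helper names h(), render_question_unsafe() and render_question_safe() and the row layout are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers for illustration; these are not Question2Answer functions.

/** Encode a stored value for an HTML text node or a quoted attribute value. */
function h(string $value): string
{
    // ENT_QUOTES encodes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
    // sequences instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** 'Before': stored fields are concatenated into the markup as-is. */
function render_question_unsafe(array $q): string
{
    return '<h1>' . $q['title'] . '</h1>'
         . '<div class="body">' . $q['textbody'] . '</div>';
}

/** 'After': every stored field is encoded at the point of output. */
function render_question_safe(array $q): string
{
    // nl2br() runs after encoding, so the only markup it adds is <br />.
    return '<h1>' . h($q['title']) . '</h1>'
         . '<div class="body">' . nl2br(h($q['textbody'])) . '</div>';
}

// Constructed sample row (not real data), as it would come back from the database.
$stored = [
    'title'    => '\'"<script>alert(/s0w/)</script>',
    'textbody' => "first line\n" . '\'"<script>alert(/s0w/)</script>',
];

$unsafe = render_question_unsafe($stored);
$safe   = render_question_safe($stored);

// Regression check: no tag from stored data may survive in the encoded output.
if (strpos($safe, '<script') !== false) {
    throw new RuntimeException('stored markup reached the page unencoded');
}

echo "unsafe: ", $unsafe, PHP_EOL;
echo "safe:   ", $safe, PHP_EOL;
```

Encoding is applied when the value is written into the page rather than when it is saved, so rows that were stored before the fix are covered as well.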

[+] Exploit :
    1. Browse the application in a browser ..
    2. Add a new question with XSS code like the alert method ;)
    3. Submit the new question to viewers ..
    4. Complete the next steps as XSS in tag, body, title, etc. ..
    5. Finally submit your question ..
    6. Test your target in the main page ./index.php ..
    7. Use this in cookies, alerts, or TrafficBots :D Have fun !!

[+] XSS Pattern can be used: '"<script>alert(/s0w/)</script>
[+] Demo Video : http://youtu.be/6qy9DXifNiw
[+] Demo Target :
    http://soualwjoab.com/

# Discovered By: s0w
# Contact: fb.me/s0w.egy
# Mail: s0wxp0c@gmail.com

# Greetz To Egyptian Shell team | Sec4ever #