PHPJabbers Business Directory Script 3.2 Cross Site Scripting

PHPJabbers Business Directory Script 3.2 Cross Site Scripting: Posted Jan 31, 2023; Authored by CraCkEr; PHPJabbers Business Directory Script version 3.2 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | d2557e411d456bd34555a2aacdc580e243ce6132afdd23ed9686aef6b539969e; Download | Favorite | View

PHPJabbers Business Directory Script 3.2 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐
││                                     C r a C k E r                                    ┌┘
┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││
└───────────────────────────────────────────────────────────────────────────────────────┘┘

 ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                  [ Vulnerability ]                                   ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
:  Author   : CraCkEr                                                                    :
│  Website  : PHPJabbers.com                                                             │
│  Vendor   : PHPJabbers                                                                 │
│  Software : PHPJabbers  Business Directory Script 3.2                                  │
│  Vuln Type: Reflected XSS                                                              │
│  Impact   : Manipulate the content of the site                                         │
│                                                                                        │
│────────────────────────────────────────────────────────────────────────────────────────│
│                                                                                       ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘
:                                                                                        :
│  Release Notes:                                                                        │
│  ═════════════                                                                         │
│  The attacker can send to victim a link containing a malicious URL in an email or      │
│  instant message can perform a wide variety of actions, such as stealing the victim's  │
│  session token or login credentials                                                    │
│                                                                                        │
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                                                                      ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Greets:

    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL   
       
  CryptoJob (Twitter) twitter.com/CryptozJob
     
┌┌───────────────────────────────────────────────────────────────────────────────────────┐
┌┘                                    © CraCkEr 2023                                    ┌┘
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Path: /preview.php/

URL parameter vulnerable to XSS

/preview.php/[XSS]?controller=pjListings&action=pjActionAccount

GET parameter 'keyword' vulnerable to XSS

/preview.php?controller=pjListings&action=pjActionIndex&listing_search=1&keyword=[XSS]



[-] Done

Top Authors In Last 30 Days

Red Hat 141 files
Ubuntu 102 files
Debian 25 files
Google Security Research 11 files
LiquidWorm 10 files
Muhammad Navaid Zafar Ansari 7 files
Abdulhakim Oner 6 files
Jann Horn 5 files
fearzzzz 5 files
nu11secur1ty 5 files

File Archives

Systems

AIX (426)
Apple (1,951)
BSD (370)
CentOS (56)
Cisco (1,919)
Debian (6,711)
Fedora (1,691)
FreeBSD (1,242)
Gentoo (4,288)
HPUX (878)
iOS (338)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,066)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,879)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,431)
UNIX (9,206)
UnixWare (185)
Windows (6,530)
Other

PHPJabbers Business Directory Script 3.2 Cross Site Scripting

PHPJabbers Business Directory Script 3.2 Cross Site Scripting

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

PHPJabbers Business Directory Script 3.2 Cross Site Scripting

Share This

PHPJabbers Business Directory Script 3.2 Cross Site Scripting

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems