Ministry of Defence of Bangladesh - XSS

Vulnerable page:


You can either include any XSS code in search input box, or request any XSS code directly using GET method and key parameter.

Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Posted by Neo on 2017-09-07 22:041 comment8 likes


Changes in
- geoip_c.h was updated with GeoIPCountryWhois.csv released on June 7'th; there are 153678 IP ranges having 32 ranges in the fake "A1" country; 31 ranges were approximated to real countries
- the OpenSSL library was updated to 1.1.0f

File information: AdvOR
Posted by advor on 2017-06-11 10:480 comments8 likes


Changes in
# - Fixed bypass of public proxy lookup for local and private IP addresses in chat mode

File information: Blacklist
Posted by vhpython on 2017-05-22 12:470 comments9 likes


Even more stable.

Changes in
Commit log:

File information: Verlihub
Posted by verlihub on 2017-05-22 12:410 comments9 likes


Changes in
[ 36] Fixed: Errors on configuration conversion from string to number and vice versa, report by Alexandr
[ 38] Fixed: Lua 5.3 number to string conversions in MySQL queries
[ 39] Fixed: Missing default password value when adding new PM block entry
[ 37] Added: Optional reason to country code gag
[ 40] Added: Optional filter parameter to word ranks command, request by Meka][Meka
[ 41] Added: Split help texts and send on hub help command execution
[ 42] Added: Replacer debug configuration repldebug, request by KCAHDEP
[ 43] Added: IP gag now supports single IP, range or LRE, request by KCAHDEP
[ 44] Added: Forbidden chat nick MyINFO check
[ 45] Added: Column support to Team Elite hublist user search
[ 46] Added: Default type and limit parameters to user logger command, idea by Lord_Zero

File information: Ledokol
Posted by ledokol on 2017-05-22 12:340 comments8 likes
« Back • 3 • Next »