bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/34089.txt
Offensive Security b98d02460d Updated 07_22_2014
2014-07-22 04:41:14 +00:00

18 lines
739 B
Text
Executable file
Raw Blame History

# Exploit Title: Multiple XSS vulnerabilities in Bilboplanet application
# Date: 10/15/13
# Exploit Author:Vivek N
# (http://nvivek.weebly.com/)
# Vendor Homepage: http://www.bilboplanet.com/
# Software Link: www.bilboplanet.com/index.php/downloads/?lang=en
# Version: 2.0
# Tested on: Windows
# CVE :
1. Stored XSS Vulnerability when creating and updating tribes in
http://localhost/bilboplanet/user/?page=tribes
POST Parameter: tribe_name
2. Stored XSS vulnerability when adding tag
http://localhost/bilboplanet/user/?page=tribes
POST Parameter: tags
3. Stored XSS in parameters : user_id and fullname
http://127.0.0.1/bilboplanet/signup.php
Reference in a new issue View git blame Copy permalink