Exploits / Vulnerability Discovered : 2023-05-02 |
Type : webapps |
Platform : php
This exploit / vulnerability Reviveadserver v5.4.1 crosssite scripting (xss) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
Exploit Title: revive-adserver v5.4.1 - Cross-Site Scripting (XSS)
Application: revive-adserver
Version: 5.4.1
Bugs: XSS
Technology: PHP
Vendor URL: https://www.revive-adserver.com/
Software Link: https://www.revive-adserver.com/download/
Date of found: 31-03-2023
Author: Mirabbas Ağalarov
Tested on: Linux
1. Go to create banner
2. select the advanced section
3. Write this payload in the prepend and append parameters (%3Cscript%3Ealert%281%29%3C%2Fscript%3E)