URL redirection through HTML injection in Responsive Video News Script (PHP Script mall):[CVE-2019-8361]

Vulnerability Description => HTML injection is a type of injection issue that occurs when a user is able to control an input point and is able to inject arbitrary HTML code into a vulnerable web page.




1. Go to the site (http://ordermanagementscript.com/demo/video-newspaper/). ⇓ ⇓ ⇓ ⇓




2-In Search Bar paste this code => <h1><a href=”https://google.com”>YOU ARE HACKED</a></h1>
⇓ ⇓ ⇓ ⇓



3- You will be redirected to the next page ⇓ ⇓ ⇓ ⇓



4- Now you can see YOU ARE HACKED name button ⇓ ⇓ ⇓ ⇓




5. Click the YOU ARE HACKED name button then you redirected to google.com ⇓ ⇓ ⇓ ⇓

Advertisements

3 thoughts on “URL redirection through HTML injection in Responsive Video News Script (PHP Script mall):[CVE-2019-8361]

Add yours

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a website or blog at WordPress.com

Up ↑

Create your website at WordPress.com
Get started
%d bloggers like this: