Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 2294

STORED XSS AFTER EFFECTS|WEAK PASSWORD POLICY|ADMIN BYPASSED

by Pentester708 - 14 January, 2020 - 07:58 PM
This post is by a banned member (Pentester708) - Unhide
652
Posts
482
Threads
5 Years of service
#1
This can be said as Weak Password Policy and is listed in the OWASP Top 10

Site:
Hidden Content
You must register or login to view this content.



Did a Stored XSS Went Well
So you can see the username and password in the screen itself
Go Have Fun
Btw you can only upload jpg,jpeg
No option to upload a php shell
Either try for the exif data via image or the modified name shit

Note: Only for educational purpose
[Image: Udpc9Lb.gif]
Telegram: https://t.me/candycainlobbies
Ad by brocain
This post is by a banned member (wiikid777) - Unhide
This post is by a banned member (erwinxxx) - Unhide
erwinxxx  
Registered
6
Posts
0
Threads
4 Years of service
#3
thanks
This post is by a banned member (gtawe31140) - Unhide
This post is by a banned member (Money-) - Unhide
Money-  
Infinity
1.054
Posts
10
Threads
5 Years of service
#5
Yo. Is this exploited by you?
This post is by a banned member (kwika) - Unhide
This post is by a banned member (aaaa11zzz) - Unhide
aaaa11zzz  
Registered
61
Posts
0
Threads
2 Years of service
#7
Thabjks
This post is by a banned member (mwil8492) - Unhide

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 3 Guest(s)