Home > CVE > CVE-2018-15183:Myperfectresume / JobHero / Resume Clone Script 2.0.6 – has Stored XSS Vulnerability via Full name and Title

CVE-2018-15183:Myperfectresume / JobHero / Resume Clone Script 2.0.6 – has Stored XSS Vulnerability via Full name and Title

CVE-2018-15183-Vikas Chaudhary

CVE-2018-15183 – MySelf Vikas Chaudhary , i’m Cyber Security Analyst , I found that specified PHPSCRIPTSMALL- Myperfectresume / JobHero / Resume Clone Script 2.0.6 – Stored XSS Vulnerability via Full name and Title . To exploit this vulnerability, the following steps were taken.

VENDOR SUMMARY :- PHP Scripts Mall Pvt. Ltd. is a professional software selling portal offering wide range of innovative. PHP Scripts Mall is a leading business and technology firm with 12 years of successful track record in completion and implementation of numerous projects in various verticals and domains.. It has 300 plus PHP scripts ready to buy.

VULNERABILITY DESCRIPTION :- Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.XSS attacks occur when an attacker uses a web application to send malicious code, Attacker can Change the web interface or can dedirect to Admin or User to any malicious Link.

1-Go to Vendor Product Link https://www.phpscriptsmall.com/product/resume-builder-script/ or Click here

CVE-2018-15183-Vikas Chaudhary

2- Select REGISTER page (Register now) .

3- Create an account using your Email address and paste this Script in following Parameter

In Full Name => < *img src =x onError=alert("VIKAS")>

In Title => < *img src =x onError=alert("CHAUDHARY")>


[ Note=> Remove * from script]

CVE-2018-15183-Vikas Chaudhary

4-Now login it using your Email and Password .

5- You will having two popup of VIKAS and CHAUDHARY in you account when you loged in.

CVE-2018-15183-Vikas Chaudhary
CVE-2018-15183-Vikas Chaudhary

CVE-2018-15183-Vikas Chaudhary

My Previous CVE (Visit Once)…

ALL CVE
CVE-2018-15182
CVE-2018-15181
CVE-2018-15191
CVE-2018-15190
CVE-2018-14541
CVE-2018-14082
CVE-2018-13256

CONTACT US



Admin
Welcome Sir, .. Myself Vikas Chaudhary , i was interested in general knowledge since childhood , so i thought why not to share my knowledge with you, that's why i created this educational blog. Here you find world wide general knowledge of all Latest technology , Science & History Que , and Mysterious fact of the world. Here you also find knowledge about cyber security. Thanks for visit.. keep supporting....keep Loving
https://www.gkaim.com

8 thoughts on “CVE-2018-15183:Myperfectresume / JobHero / Resume Clone Script 2.0.6 – has Stored XSS Vulnerability via Full name and Title

  1. JUMIA ELECTRONICS MEGA SALE – High Voltage Deals and Low Voltage Prices.

    Click here to see all of our exclusive deals : http://shorl.com/pavohugipyhi

    1) Canon Pixma E414 Inkjet (Print, Scan & Copy Printer) – reduced from N16,990 to N7,990.

    2) Hewlett Packard Notebook 15-ra007nia (4GB RAM, 500GB HDD) – reduced from N99,990 to N90,490.

    3) LG Bluetooth DVD Home Theatre – price reduction from N70,000 to N61,499.

    4) Mooka 32inch LED HD Television with A-Class Screen – price reduction from N50,070 to N40,700.

    5) Midea 4 Burner Gas Cooker – price reduction from N45,000 to N34,100.

    6) BRUHM 100 ltrs Blossom Series Chest Freezer – price reduction from N60,000 to N46,840.

    Grab these deals now >> http://tiny.cc/electronicsmegadeal

    Best Prices on TVs, Home Theatres, Cellphones, Notebooks and more.

    Up to 60% OFF.

    7 Days Risk Free Returns – 100% Money Back Guarantee.

    Local After Sales Support – Over 160 Repair Centres in Naija.

    Discount ends soon so buy now >> https://tinyurl.com/electronicsmegadeal

Leave a Reply

Your email address will not be published.