Home > CVE > CVE-2018-15184:Naukri / Shine / Jobsite Clone Script -3.0.4 -has Stored XSS Vulnerability

CVE-2018-15184:Naukri / Shine / Jobsite Clone Script -3.0.4 -has Stored XSS Vulnerability

CVE-2018-15184-Vikas Chaudhary

CVE-2018-15184 – MySelf Vikas Chaudhary , i’m Cyber Security Analyst , I found that specified PHPSCRIPTSMALL- Naukri / Shine / Jobsite Clone Script -3.0.4 – has Reflected , Stored XSS Vulnerability Via USERNAME. To exploit this vulnerability, the following steps were taken.

VENDOR SUMMARY :- PHP Scripts Mall Pvt. Ltd. is a professional software selling portal offering wide range of innovative. PHP Scripts Mall is a leading business and technology firm with 12 years of successful track record in completion and implementation of numerous projects in various verticals and domains.. It has 300 plus PHP scripts ready to buy.

VULNERABILITY DESCRIPTION :- Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.XSS attacks occur when an attacker uses a web application to send malicious code, Attacker can Change the web interface or can dedirect to Admin or User to any malicious Link.

1- Go to the Vendor Link https://www.phpscriptsmall.com/product/naukri-clone-script/ or Click here

2- Select Register With Job Portal page (Register now) .

CVE-2018-15184-Vikas Chaudhary

3- Create an account using your Email address Password and soo on

4- Verify your mail address and come back to site and sign in .

5- Go to Profile=> Edit Contact Details and put this code in USERNAME => “>< *svg onload=alert(/VIKAS/)>< " and click on Save

CVE-2018-15184-Vikas Chaudhary
CVE-2018-15184-Vikas Chaudhary

[ Note=> Remove * from script]

6- You will having a popup of /VIKAS/ .

CVE-2018-15184-Vikas Chaudhary

My Previous CVE (Visit Once)…

ALL CVE
CVE-2018-15183
CVE-2018-15182
CVE-2018-15181
CVE-2018-15191
CVE-2018-15190
CVE-2018-14541
CVE-2018-14082

CONTACT US



Summary
Article Name=>
CVE-2018-15184
Description=>
Naukri / Shine / Jobsite Clone Script -3.0.4 -has Stored XSS Vulnerability Founded and Exposed by Vikas Chaudhary
Author=>
Publisher Name=>
www.gkaim.com
Admin
Welcome Sir, .. Myself Vikas Chaudhary , i was interested in general knowledge since childhood , so i thought why not to share my knowledge with you, that's why i created this educational blog. Here you find world wide general knowledge of all Latest technology , Science & History Que , and Mysterious fact of the world. Here you also find knowledge about cyber security. Thanks for visit.. keep supporting....keep Loving
https://www.gkaim.com

5 thoughts on “CVE-2018-15184:Naukri / Shine / Jobsite Clone Script -3.0.4 -has Stored XSS Vulnerability

Leave a Reply

Your email address will not be published.

%d bloggers like this:
\