XSS - Wifi file Explorer

Iniciado por ANTRAX, Febrero 07, 2013, 11:41:13 AM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Febrero 07, 2013, 11:41:13 AM Ultima modificación: Enero 08, 2015, 02:36:07 PM por Expermicid

Aplicacion de android Wifi file explorer
Vector: <script>alert('xss');</script>
Resportado: SI

CitarHi Paul!

I'm ANTRAX, user of Underc0de (www.underc0de.org), this is a comunity of Security Research. We are White Hat and we report bugs to vulnerable sites.

Today while I used Wifi file explorer, I found a XSS in the search box of the aplication.
To reproduce the bug:

Enter to the website aplication

1.- http://192.168.x.x:8000
2.- Put in the search box: <script>alert('xss');</script>
3.- Push enter

Please, see the attached screenshot


if you need help to fix the bug, just tell us and we help you!

Our group does not charge money for this report, but if you want to help our community that continue to grow, please put our link on your site and we will continue reporting bugs!

Best Regards!
Underc0de Security Research