https://www.24hours.pk – XSS Vulnerability

Controversial Cyber Crime Bill approved by NA
April 13, 2016
pcb.com.pk – XSS vulnerability
May 16, 2016
Controversial Cyber Crime Bill approved by NA
April 13, 2016
pcb.com.pk – XSS vulnerability
May 16, 2016

https://www.24hours.pk – XSS Vulnerability

24hours.pk Online Shopping in Pakistan

 

Website : https://www.24hours.pk

Bug : Reflected XSS ( Cross site scripting)

Submitted By  : Haq Khokhar ( https://twitter.com/Abdulhaqkhokhar )

Location/ URL  :   https://www.24hours.pk/deals/search

Vulnerable Field : Search bar

Steps to Reproduce :
1)Goto : https://www.24hours.pk and select any City ( i.e https://www.24hours.pk/Karachi)
2)Now you can see there is an search bar so just past the XSS vector payload on here and hit the Enter.
3)After Hitting , you will get XSS Popup window.

Related posts

September 29, 2024

Detecting and Mitigating Active Directory Kerberoasting

Read more
August 22, 2024

Security Operations Center (SOC) in Pakistan: What to Log?

Read more
August 22, 2024

Hamster Kombat Daily Cipher – SCAM

Read more

Leave a Reply

https://www.24hours.pk – XSS Vulnerability
We value your privacy
We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", and by using this website you agree to our Cookies and Data Protection Policy.
Read more