Easy File Sharing Web Server 6.8 - Persistent Cross-Site Scripting

EDB-ID:

35626




Platform:

PHP

Date:

2014-12-27


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Exploit Title: Easy File Sharing Webserver =>6.8 Persistent XSS
Date: 12/26/14
Exploit Author: SickPsycko
Vendor Homepage: http://www.sharing-file.com/
Version:6.8
Tested on: Windows 7 32bit

The exploit is within the username field.
So to exploit this vulnerability, One must place the payload into the
specified field when registering.

http://i.imgur.com/bibu81C.png
Once logged in. User will be greeted with such.