Authored by indoushka

ChiKoi version 1.0 suffers from a cross site scripting vulnerability.

====================================================================================================================================
| # Title : ChiKoi version 1.0 XSS Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit) |
| # Vendor : https://codeload.github.com/tanhongit/new-mvc-shop/zip/refs/tags/v1.0 |
| # Dork : |
====================================================================================================================================


poc :


[+] Dorking İn Google Or Other Search Enggine .

[+] Register a new membership and enter the membership control panel and choose to modify the member's profile and in the name field put any payload that suits you and then save the changes

[+] Use Payload : <script>alert(/indoushka/);</script>

[+] http://127.0.0.1/chikoiquan.tanhongitcom/

== Greetings to :===========================================================================
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
============================================================================================