CVE-2018-16326 olx_clone 3.4.2 – Stored XSS via Search by Keyword

I found that specified Exploit Title: olx_clone 3.4.2 – Stored XSS via Search by Keyword. To exploit this vulnerability, the following steps were taken.

1.Go to the site ( http://74.124.215.220/~projclient/olx_clone/index ) .

2-Goto Homepage => Search by Keyword and paste this code in
Type Your Keyword => <*IMG"""><*SCRIPT>alert(“SARAFRAZ KHAN”)“>and then click on Search.

3-Now You will having popup of /SARAFRAZ KHAN/ in the page..

Note=> Please Remove * from the Code

Leave a Comment