CVE-2018-16456 Website Seller ScriptWebsite Seller Script- 2.0.5 – Stored XSS via Search by Keyword

I found that specified Exploit Title: Website Seller ScriptWebsite Seller Script- 2.0.5 – Stored XSS via Search by Keyword . To exploit this vulnerability, the following steps were taken.

1.Go to the site ( http://www.officialwebsiteforsale.com/ ).

2-Goto Homepage => Search by Keyword and paste this code in
Type Your Keyword => “><*img src=x onerror=prompt(/SARAFRAZ KHAN/)*> >and then click on Search.

3-Now You will having popup of /SARAFRAZ KHAN/ in the page..

Note=> Please Remove * from the Code

Leave a Comment