# Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting # Date: 2018-05-16 # Exploit Author: L0RD # Vendor Homepage: https://codecanyon.net/item/multiplayer-blackjack-online-casino-game/15411706?s_rank=1628 # CVE: N/A # Version: 2.5 # Description : Multiplayer BlackJack - Online Casino Game script has persistent cross site scripting that attacker # can set malicious payload into the vulnerable parameter. # POC : 1) click on the "sit" button in the web page 2) Put this payload into the "name" input and set wallet number : <script>alert(document.domain)</script> 3) You will get an alert box in the page .
Credits and Partners
All rights reserved nPulse.net 2009 - 2024
Powered by: MVCP 2.0-RC / BVCP / ASPF-MILTER / PHP 7.4 / NGINX / FreeBSD
