< ------------------- header data start ------------------- >

#############################################################

# Application Name : DARelease

# Vulnerable Type : Cross Site Scripting

# Infection : Administrator and user cookies can be stolen.

# Bug Fix Advice : Malicious characters should be filtered.

# Author : qrusher- | Bug Researchers

# Example : http://www.darelease.com/search.php
Post Search Box

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

><script>alert(document.cookie)</script> // Post Search Box

< -- bug code start -- >

Put the code below into your .htaccess file; with it in place, your site will return an error
on any XSS attack made against it.

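RewriteEngine On
# Block query strings that contain base64_encode(...)
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block query strings that contain a <script> tag, raw or URL-encoded
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block attempts to set PHP GLOBALS or _REQUEST through the URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Answer matching requests with 403 Forbidden
RewriteRule ^(.*)$ index.php [F,L]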


< -- bug code end of -- >
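
The rewrite conditions above test only %{QUERY_STRING}, while the search box is submitted by POST, so the filtering named under Bug Fix Advice has to happen where the search term is written back into the page. The handler below is an added example, not DARelease code and not the advisory author's; the field name q, the 100-character limit, the markup and the use of the mbstring extension are assumptions.

```php
<?php
// Added example: not DARelease source. Field name "q", the 100-character
// limit and the markup are assumptions made for illustration.
declare(strict_types=1);

// Escape a value for an HTML text node or a quoted attribute value.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Read the search term from the POST body and bound its length.
function search_term(array $post): string
{
    $raw = $post['q'] ?? '';
    if (!is_string($raw)) {   // q[]=x arrives as an array, treat as empty
        return '';
    }
    return mb_substr(trim($raw), 0, 100, 'UTF-8');
}

// Keep the session cookie out of reach of document.cookie (HTTPS assumed).
session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
session_start();

// Defence in depth: the browser refuses inline <script> blocks.
header("Content-Security-Policy: default-src 'self'; script-src 'self'");
header('Content-Type: text/html; charset=UTF-8');

$term = search_term($_POST);
// Vulnerable pattern this replaces: echo '<input value="' . $_POST['q'] . '">';
?>
<form method="post" action="search.php">
  <input type="text" name="q" value="<?= h($term) ?>">
  <input type="submit" value="Search">
</form>
<?php if ($term !== ''): ?>
  <p>Results for: <?= h($term) ?></p>
<?php endif; ?>
```

With ENT_QUOTES the leading > and the angle brackets of the test string on this page are emitted as entities, so the browser shows them as text inside the field instead of closing the tag.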