SchoolCMS from poweritschools.com suffers from a persistent cross site scripting vulnerability.
04657ce44eab6207bb2f85801722c1f5c7aa38187d25c635e490394d63c427fcTitle: SchoolCMS Persistant XSS.
#Date: 03/12/12
#Author: VipVince
#Vendor: www.poweritschools.com
#Google Dork: /old_core/cal/eventform.php
#Tested on: Windows.
This is a Persistant XSS used in the software by many schools.
About 225 results (0.21 seconds)
The vulnerability lies in the eventform.php file.
Entering your JavaScript into the form boxes and saving the event will store and trigger your persistent XSS script. Simplez. Have fun.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed