5pmweb.com suffers from a cross site scripting vulnerability.
44c1d53849693014d71a3e5d067e1538fe075a9353af17787fab810787c01387
#author: provensec
#description: Easy, Customizable Project Management SAS
#vendor: 5pmweb.com
#exploit
1 Goto site. 5pmweb.com/index.php <http://site.5pmweb.com/index.php>
2 Add new task fill description and name field with xss payload "><img
src=d onerror=confirm(1);>
and then click on the task as given in the screenshot
http://prntscr.com/4pxe6j
3 Javascript will execute