GetSimple CMS 5.7.3.1 Cross Site Scripting

GetSimple CMS 5.7.3.1 Cross Site Scripting: Posted Jun 29, 2015; Authored by Vadodil Joel Varghese; GetSimple CMS version 5.7.3.1 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 214f9d30727be2c3b2b4aa78f18251e30e604ff0e311e01b438ee81349215f74; Download | Favorite | View

GetSimple CMS 5.7.3.1 Cross Site Scripting

#Date: 29/06/2015
#Discovered by: Joel Vadodil Varghese
#Type of vulnerability: Persistent XSS
#Tested on: Windows 7
#Product: GetSimple CMS
#Version: 5.7.3.1
#Description: Application is vulnerable to Persistent XSS attack on page -

URL -
http://localhost/Getsimplecms-3.3.5/admin/edit.php?id=temp&upd=edit-success&type=edit
Payload - ">img src="blah.jpg" onerror="alert('XSS')"/

Notified Vendor: May 20, 2015
Response: June 19, 2015
Closure: June 23, 2015 (
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1046)

-- 
Regards,

*Joel V*

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

GetSimple CMS 5.7.3.1 Cross Site Scripting

GetSimple CMS 5.7.3.1 Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

GetSimple CMS 5.7.3.1 Cross Site Scripting

Share This

GetSimple CMS 5.7.3.1 Cross Site Scripting

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems