what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Abhishek Joshi

GetSimple CMS Custom JS 0.1 CSRF / XSS / Code Execution

Posted May 2, 2021

Authored by Bobby Cooke, Abhishek Joshi

The Custom JS plugin version 0.1 for GetSimple CMS suffers from a cross site request forgery vulnerability that allows remote unauthenticated attackers to inject arbitrary client-side code into authenticated administrators browsers, which results in remote code execution on the hosting server, when an authenticated administrator visits a malicious third party website.

tags | exploit, remote, arbitrary, code execution, csrf

SHA-256 | 37fb00eaa335aa6aa61ddf4f19d244b74484eafd86b630f87d5ad3af340ea879

Download | Favorite | View

GetSimple CMS Custom JS 0.1 Cross Site Request Forgery / Cross Site Scripting

Posted Mar 26, 2021

Authored by Abhishek Joshi

GetSimple CMS Custom JS plugin version 0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

SHA-256 | f8515a697bd43d6bc1e7a544b80861b8f892d912ba39ee0ded35abda0c9c0518

Download | Favorite | View