CMS Made Simple 2.2.19 Cross Site Scripting
2024-2-22 23:8:6 Author: packetstormsecurity.com(查看原文) 阅读量:91 收藏

# Exploit Title: CMS Made Simple Version: 2.2.19 - Stored XSS
# Date: 2024-21-02
# Exploit Author: tmrswrr
# Vendor Homepage: https://www.cmsmadesimple.org/
# Version: 2.2.19
# Tested on: https://www.softaculous.com/demos/CMS_Made_Simple

1 ) log in as admin and go to Content > File Manager
2 ) Write in New directory: place payload "><img src=x onerrora=confirm() onerror=confirm(1)>
3 ) After click run you will be see alertbox


文章来源: https://packetstormsecurity.com/files/177243/cmsmadesimple2219-xss.txt
如有侵权请联系:admin#unsafe.sh