Nucleus CMS 3.65 Cross Site Scripting

2015.06.27

Credit: sharan kumar somana

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

?# Exploit Title: Persistent Cross Site Scripting Vulnerability in
nucleuscms
# Date: 25 July 2015
# Exploit Author: sharan kumar somana
# Vendor Homepage: http://www.nucleuscms.org
# Software Link:
http://sourceforge.net/projects/nucleuscms/?source=typ_redirect
# Version: 3.65
# Tested on: Windows 7
#################################################
nucleuscms is vulnerable for a Persistent Cross Site Scripting
Vulnerability.
The vulnerability affects 'title' parameter while adding a new item
#################################################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Nucleus CMS 3.65 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.