Document Title: =============== Mcslinc CMS Cross Site Scripting Release Date: ============= 2016-12-30 Product & Service Introduction: =============================== Maurya Consultancy Services is primarily involved in all I.T. related services like web services, Industrial Automation and Online advertising. Our primary concern is to continuously upgrade our knowledge according to changing curve of technology and to introduce new ideas and concept to the world for which our R&D (Research and Development) department is always in process. (Copy of the Homepage: http://mcslinc.com/ ) Exploitation Technique: ======================= Remote Dork: ===== "Design by mcslinc.com" Proof of Concept (PoC): ======================= The vulnerability can be exploited by remote attackers without user account and with low user interaction. For security demonstration or to reproduce follow the provided information and steps below to continue. Manual steps to reproduce the vulnerability ... 1. Search Dork And Find Sites 2. Go to Admin page 3. Vulnerable File Is Login.php 4. So Enter This adress to site url: Site.com/[Patch]/login.php?err= (Xssed Here!) Site.com/[Patch]/login.php?err= (Xssed Here!) Note: If its Doesn't Work, You Can Test this address into "admin" Directory, Like: Site.com/[Patch]/Admin/login.php?err= (Xssed Here!) Demo: ===== http://www.raminfraspace.com/login.php?err=Xssed+By+Eagle+Security+Team http://swaroopkart.com/admin/login.php?err=Xssed+By+Eagle+Security+Team CWE: ==== (CWE-79) Credits & Authors: ================== Mr Keeper And 504w About: ====== Eagle Security Team