bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/49751.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

16 lines
No EOL
653 B
Text
Raw Permalink Blame History

# Exploit Title: CMSimple 5.2 - 'External' Stored XSS
# Date: 2021/04/07
# Exploit Author: Quadron Research Lab
# Version: CMSimple 5.2
# Tested on: Windows 10 x64 HUN/ENG Professional
# Vendor: https://www.cmsimple.org/en/
[Description]
The CMSimple 5.2 allow stored XSS via the Settings > CMS > Filebrowser > "External:" input field.
[Attack Vectors]
The CMSimple cms "Filebrowser" "External:" input field not filter special chars. It is possible to place JavaScript code.
The JavaScript code placed here is executed by clicking on the Page or Files tab.
[Proof of Concept]
https://github.com/Quadron-Research-Lab/CVE/blob/main/CMSimple_5.2_XSS.pdf
Reference in a new issue View git blame Copy permalink