4dbf640f70
5 changes to exploits/shellcodes Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution CMSimple 5.2 - 'External' Stored XSS DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF) Composr 10.0.36 - Remote Code Execution
16 lines
No EOL
669 B
Text
16 lines
No EOL
669 B
Text
# Exploit Title: CMSimple 5.2 - 'External' Stored XSS
|
|
# Date: 2021/04/07
|
|
# Exploit Author: Quadron Research Lab
|
|
# Version: CMSimple 5.2
|
|
# Tested on: Windows 10 x64 HUN/ENG Professional
|
|
# Vendor: https://www.cmsimple.org/en/
|
|
|
|
[Description]
|
|
The CMSimple 5.2 allow stored XSS via the Settings > CMS > Filebrowser > "External:" input field.
|
|
|
|
[Attack Vectors]
|
|
The CMSimple cms "Filebrowser" "External:" input field not filter special chars. It is possible to place JavaScript code.
|
|
The JavaScript code placed here is executed by clicking on the Page or Files tab.
|
|
|
|
[Proof of Concept]
|
|
https://github.com/Quadron-Research-Lab/CVE/blob/main/CMSimple_5.2_XSS.pdf |